In the American Innovation and Competitiveness Act, Congress told NIST to take a deep dive into how agencies understand and use the special publications and Federal Information Processing Standards for cybersecurity that it produces.
The Homeland Security Department launched a new type of red team effort in which it breaks into agencies’ networks over the next 90 days and helps them make long-term, sustainable fixes.
The Office of Management and Budget just posted the latest data from its 30-day cyber sprint. Alan Paller of the SANS Institute and a task force of industry experts offer their insight on the next steps agencies should be taking to improve their cybersecurity.
For agency managers responsible for cybersecurity, the last few weeks have been challenging. The data breach affecting millions might have been the direct responsibility of the Office of Personnel Management, but the response has been all-of-government – starting with the now-concluded 30-day cyber sprint. Cyber is a matter of technology, skill and people. Alan Paller, the director of research at the SANS Institute, joined Jared Serbu on the Federal Drive to offer some perspective on what CIOs and cybersecurity officers need to do next.
Alan Paller and John Pescatore of the SANS Institute explain why Katherine Archuleta’s departure may be neither a fair nor an effective means of addressing the cybersecurity problems at OPM.
President Barack Obama said “significant vulnerabilities” exist and will continue to accelerate in government and private sector systems, unless changes are made.
The Office of Personnel Management starts notifying employees today that their personal information may have been compromised. As many as 4 million current and former federal employees may be affected. Now the question is, has the government learned anything from this incident, or is it lurching from crisis to crisis? SANS Institute’s Director of Research Alan Paller joined Tom Temin on the Federal Drive for a look ahead.
Under the continuous diagnostics and mitigation program, DHS wants to ensure systems administrators have data on the most pressing threats and vulnerabilities first so they can fix them as soon as possible. John Streufert, DHS’s director of federal network resilience, said the recently awarded dashboard will be set up to do just that.
Federal cybersecurity officials are in knots over the Heartbleed threat. The vulnerability potentially affects a common data encryption system used on internet servers. Homeland Security says federal web servers are OK. Qualys has a free online SSL Server Test that can analyze a web server. Alan Paller, director of research at the cybersecurity education firm SANS Institute, explained the threat to Federal Drive hosts Tom Temin and Emily Kopp.
Alan Paller of the SANS Institute and Jenny Mattingley of Shaw Bransford & Roth counted down the top federal stories of the week with Francis Rose.