Cybersecurity
DISA could spend close to $1B on security over three years
The agency's plan emphasizes increased defense against insider threats and protection of DOD's classified network.
Cybersecurity
Lack of info feeds public outcries about privacy, experts say
Agencies need to do a better job of letting the public know how personal data is being protected.
Cybersecurity
Improve FISMA processes now, experts say
FISMA must evolve from paper-based compliance processes to technology-based security processes, said Alan Paller of the SANS Institute and Bruce Brody of CACI.
Cybersecurity
NATO, DOD to sign cybersecurity pact
DOD and NATO plan to share incident and threat information, officials say. Feds also say they aided in the response to the recent denial-of-server attack.
Cybersecurity
Limited access is crucial to next-generation security, Microsoft execs say
Bill Gates and Craig Mundie said people want to be able to share information without giving partners access to entire networks.
Cybersecurity
Industry gives government IT security a D
Last year’s data leaks and lack of legislation to protect private information led to the grade from the Cyber Security Industry Alliance.
Cybersecurity
CAC use nearly halves DOD network intrusions, Croom says
DISA director all but rules out use of Outlook Web Access by remote users because of its poor security.
Cybersecurity
Building the IT workforce is a priority for CIO council
The council's two-year strategic plan also lists lines of business and information security among its top concerns.
Cybersecurity
N.Y. issues ID management guideline
Document will help state and local agencies manage access to their online resources.
Cybersecurity
Illinois reaches PKI milestone
Illinois issued its 100,000th digital certificate earlier this month, a total fueled by the state’s enterprise-scale public-key infrastructure.
Cybersecurity
NIST stages competition to improve cryptographic standard
Researchers have proven the vulnerability of the widely used Secure Hash Algorithm-1 standard, which is the basis for Secure Sockets Layer technology.
Cybersecurity
DOD seeks contractor training requirement rule change
Amending the Defense Federal Acquisition Regulation Supplement’s training requirements would apply to contractors who perform information assurance work for DOD.
Cybersecurity
IDC survey: People and processes are key for security
Government officials focusing more on policy, processes and people to fortify information security.
Cybersecurity
Evans: HSPD-12 program is not an unfunded mandate for agencies
But the IT industry is not so sure that federal agencies can pay for the secure identity credentialing program.
Cybersecurity
TWIC card, management costs rise as program gears up
Final TWIC rule indicates that authorities will issue worker ID cards before most maritime facilities have card readers installed.
Cybersecurity
SaaS suppliers must educate fed buyers
Procurement shouldn't impede deployment of software as a service if federal buyers properly understand benefits.
Cybersecurity
Subcommittee will examine information privacy, security
Rep. Clay, the new chairman of the information policy subcommittee, plans to delve into problems highlighted by incidents of information breaches in 2006.
Cybersecurity
IG: Coast Guard IT controls leave TSA data vulnerable
The Coast Guard, which hosts key TSA applications, needs to address continuing weaknesses in access controls, according to a new report.
Cybersecurity
OMB checks progress on HSPD-12
Starting March 1, agencies must report quarterly on their Web sites how many credentials they have issued.
Cybersecurity