Cybersecurity

  • As government agencies migrate to cloud computing and other new technologies, the information technology workforce requirements are changing.

    June 19, 2014
  • The Defense Department's testing its own version of cybersecurity standards for cloud systems. The Defense Information Systems Agency is working with all the military branches to find a cybersecurity program that protects the cloud with Level-3 security requirements. DISA's enterprise cloud broker is conducting the software tests. DoD's chief of the risk management oversight division in the chief information officer's office,Kevin Delaney, isn't sure when the tests will be over. He says the development needs to run incrementally so each level of security controls are working right. The tests are coinciding with the deadline for agency cloud systems to earn security certification through the Federal Risk and Authorization Management Program. Right now FedRAMP offers cloud certification for low to moderate security levels.

    June 19, 2014
  • DISA is working with the services to identify a mission-critical application in the cloud to ensure the additional requirements for Level-3 security are appropriate and achievable. Meanwhile, the FedRAMP program office is beginning to consider what the program will look like in two to three to five years.

    June 19, 2014
  • Chandra McMahon, Lockheed Martin's vice president for commercial markets, discusses NSA's accreditation system that tests cybersecurity companies against 21 separate focus areas.

    June 18, 2014
  • Michael Daniel, the Obama administration's cybersecurity coordinator, says he wants to dismantle the most common method of cyber protection: passwords. Even as cyber threats continue to grow more sophisticated and destructive, passwords are weakening and proving easier to crack than ever. The solution lies in the National Strategy for Trusted Identities in Cyberspace (NSTIC), which calls for a broad "identity ecosystem" to replace simple passwords.

    June 18, 2014
  • Cybersecurity projects and programs are getting some hefty backing from the Senate.

    June 16, 2014
  • The Federal Communications Commission is challenging telecoms to work more closely with it to improve the nation's cybersecurity. FCC Chairman Tom Wheeler says he is not planning more regulations, rather he is asking the companies to share responsibility. Federal News Radio's Executive Editor Jason Miller joined Tom Temin and Emily Kopp on the Federal Drive to discuss the FCC's plans. Read Jason's related article.

    June 13, 2014
  • Chairman Tom Wheeler said he wants to build on the initial success of the critical infrastructure cybersecurity framework released by the White House in February. He said it's not a matter of new regulations, but creating a joint approach to improving the network security across the entire communications sector. Rep. Mike Rogers (R-Mich.) renews hope for Congress to pass information sharing legislation this year.

    June 13, 2014
  • The Pentagon says the Chinese military threat is growing because China steals intellectual property from the United States in giant quantities. DoD's new congressional report on China details violations of U.S. copyright and export laws by Chinese intelligence programs stealing national security technology. Gordon Chang, a contributor to Forbes.com, writes their New Asia column.

    June 09, 2014
  • The National Institute of Standards and Technology gives agencies guidance for continuing the transition to a real-time, dynamic cybersecurity.

    June 06, 2014
  • A new survey by TechAmerica and Grant Thornton found many agency chief information officers continue to spend too much on legacy systems and don't have money to develop or modernize new software or applications. But tools such as PortfolioStat are making a difference in helping senior IT managers understand and have a say in where money is spent in their agency.

    June 06, 2014
  • The Department of Defense recognizes that it and American companies are prime targets for hackers, whether they be a nation-state or individuals. So it's put in place an operating strategy. That strategy is comprised of 5 elements: 1) a defensible architecture; 2) global situational awareness and a common operating picture; 3) a concept for operating in cyberspace; 4) trained and ready cyber forces; and 5) capacity to take action when authorized.

    June 05, 2014
  • USCYBERCOM, according to testimony before Congress, is working on several elements to defend against cyber attacks. Those elements include tactics, techniques, and procedures, as well as policies and organizations. Officials say that also means turning plans into doctrine and training - and building a system that our Combatant Commanders can think, plan, and integrate cyber capabilities as they would capabilities in the air, land and sea domains. Cyber is different from all of them because it's mostly invisible.

    June 05, 2014
  • A computer hacker facing up to 20 years in prison is free after helping the federal government stop hundreds of cyberattacks. He taught agencies how to protect millions of dollars and cripple the hacker group Anonymous. Retired Air Force Maj. Gen. Dale Meyerrose was chief information officer for three Air Force commands and three joint combatant commands. He was also the first CIO of the Office of the Director of National Intelligence and is now president of the Meyerrose Group. He joined In Depth with Francis Rose to explain what kind of precedence this sets for future cybersecurity policies.

    June 02, 2014

ASK THE CIO

ASK THE CIO

THURSDAYS @ 10 & 2 p.m.

Weekly interviews with federal agency chief information officers about the latest directives, challenges and successes. Follow Jason on Twitter. Subscribe on Apple Podcasts or Podcast One.