Biography for David Perera
David Perera is executive editor of the FierceMarkets Government Group, which includes FierceGovernment, FierceGovernmentIT, FierceHomelandSecurity, and FierceMobileGovernment. He has reported on all things federal since January 2004 and is co-author of Inside Guide to the Federal IT Market, a book published in October 2012. Based in greater-metro Washington, D.C., Dave can be reached here and can be found on LinkedIn or here. Tweeting at @daveperera.
Articles by David Perera
The Office of Management and Budget has "ample legal authority to adopt reforms," say authors of the report (.pdf)--who include former OMB executives, including Karen Evans, who occupied the equivalent position of federal chief information officer during much of the Bush administration, and cybersecurity experts, including James Andrew Lewis of CSIS.
In a report (.pdf) published earlier this year, auditors note that the U.K. government intends for half of its major information technology projects to utilize Agile Development by April 2013. As a result, the average delivery time should go down by 20 percent in 2014.
Spammers managed to add a gloss of federal credibility to their websites by recycling the open redirect vulnerabilities of state and local websites through the USA.gov URL shortener, a Symantec analyst found. An open redirect vulnerability occurs when a web server doesn't control the parameters of a redirect--allowing anyone to create their own redirect on top of a legitimate URL.
Public safety has had exclusive license to the 4.9 GHz band since 2002 for fixed and mobile services, but in a notice of proposed rulemaking for which the FCC is extending the comment period, the commission notes the band has gone underutilized. There are 2,442 licenses for 4.9 GHz public safety use--a scant number compared with the 89,476 local governmental jurisdictions in existence as of 2007.
In a report (.pdf) dated Sept. 27, auditors say EPA cybersecurity staff haven't confirmed that corrective actions have been taken to address known weaknesses. Plans of action and milestones "were either not created or were not created until our audit was underway," and the office of environmental information doesn't require system owners to follow up on vulnerabilities identified during monthly network testing, auditors say.
Only a minority of surveyed governments reported ad hoc activity for basic measures such as anti-virus protection and physical and logical access controls, but fewer were able to report robust activity for measures such as risk management and audit trails.
Efforts at the Internal Revenue Service to use the mandatory governmentwide identity cards required by Homeland Security Presidential Directive-12 for logical access threaten to run into more delays, says the Treasury Inspector General for Tax Administration.
The intelligence community is running an acquisition pilot under which qualified app or widget developers can submit their code to a marketplace and be paid a nominal fee--but if the application's uptake is significant, be paid what it would have cost the federal government to otherwise purchase it, said Dawn Meyerriecks, assistant director of national intelligence for acquisition, technology and facilities.
Export control regulations shouldn't necessarily be an obstacle to the release of unclassified government open source code, said David Wheeler, a research staff member of the Institute for Defense Analyses. He spoke Oct. 15 during the Mil-OSS WG4 conference in Arlington, Va. "If you determine that it's okay to release to the public, there is no more ITAR control," he said.