Across the board, major federal agencies are not consistently responding to cyber incidents, such as computer network breaches. About 65 percent of the time agencies aren't completely documenting actions taken in response to detected incidents, concludes the Government Accountability Office.
Congressional investigators found that the Army is using various competitive strategies to reach out to private industry in an effort to modernize its tactical communications and information networks.
Citizen participation can be advanced through the use of technology – whether by providing better access to information or improving communication with officials – but probably not to the extent that some believe, says a new report.
A material weakness still exists in the Veterans Affairs Department's information security program, concludes the department's inspector general in its annual Federal Information Security Management Act audit.
Network Services 2020, the General Services Administration's mega telecommunications contract that will replace Networx, will span everything from advisory services, to satellite, with enough flexibility for eventually include emerging technology like mobile-to-mobile solutions, say GSA officials.
While China-based cybercriminals pose the biggest threat to U.S. industry in terms of economic espionage, one of the nation's closest allies isn't far behind, according to Robert Gates, former secretary of the Defense Department. "In terms of the most capable, next to the Chinese, are the French – and they've been doing it a long time," said Gates, during a recent event hosted by the Council on Foreign Relations and posted online May 21.
By January 2013 all Veterans Affairs Department websites were required to conform with Section 508 of the Rehabilitation Act, but not only are many VA websites non-compliant, the department lacks a clear timeline for meeting the requirement. Section 508 requires federal agencies to make electronic content and information technology accessible to people with disabilities.
The Homeland Security Department would have more flexibility in hiring and retaining cybersecurity professionals under a bill introduced May 20 by Sen. Tom Carper (D-Del.). The bill (S.2354) was reported favorably to the full committee May 21 and aims to help the department compete with the private sector in staffing its cybersecurity workforce.
The Justice Department's recent charges against members of China's People's Liberation Army for economic espionage and stealing trade secrets from American companies were part of a years-long effort, says a senior DOJ official.
New research out of China says that the United States is the real perpetrator when it comes to cyber espionage.
The federal cybersecurity framework released earlier this year is helping critical infrastructure sectors that previously lagged catch up to those with more expertise, said Ari Schwartz, a White House cybersecurity official.
The Federal Trade Commission wants Congress to consider legislation that would rein in data brokers – requiring them provide more information to consumers on their operations and reasonable access to the data collected about individuals.
The Obama administration doesn't need to develop new cybersecurity regulations, a review by the administration has concluded. Voluntary implementation of the cybersecurity framework that the National Institute of Standards and Technology released in February will suffice for now.
The lack of Office of Management and Budget guidance on managing software licenses drew criticism from the Government Accountability Office in a recent report, but OMB says it has done enough.
"The United States neither owns nor controls the Internet. And it would be incredibly arrogant and counterproductive to argue that we should," said Ambassador Daniel Sepulveda, deputy assistant secretary of state. Sepulveda coordinates information policy at the department's bureau of economic and business affairs.
As governments and communities become more awash in data from sensors, smartphones, wireless networks and other technologies, there are significant opportunities to harness that information to improve society and its security. But there is also a balancing act with privacy that needs greater examination and discussion, according to a panel of security experts who spoke May 20 at the Center for Strategic and International Studies in Washington, D.C.
Although the American Civil Liberties Union is an active participant in a multistakeholder process to address privacy and facial recognition technology, the group says a National Telecommunications and Information Administration-backed code of conduct will not provide sufficient privacy protection.
Due to hard work and improved coordination throughout the federal government, the impact of the Heartbleed bug on the dot-gov domain has been minimal, said Larry Zelvin, director of the National Cybersecurity and Communications Integration Center within the Homeland Security Department's National Protection and Programs Directorate.
The Defense Department may keep four separate systems to track the hundreds of thousands of contractors it employs, says the Government Accountability Office.