"OMB staff said that they were unaware of the rationale for the 1-hour time frame, other than a general concern that agencies report PII incidents promptly," says the recently released report, dated Dec. 9. After just an hour, agencies often have little to report to US-CERT, the cyber incident response unit at DHS, but must do so under Office of Management and Budget guidance.
The Centers for Medicare & Medicaid Services and its contractors have paid little attention to addressing potential fraud and abuse vulnerabilities in electronic health records, according to a report from Health and Human Services Department's Office of Inspector General.
Legislation proposed by Sen. Patrick Leahy (D-Vt.) would make it an explicit felony to damage critical infrastructure systems or information, with violators subject to three to 20 years imprisonment. Leahy's bill comes as the House prepares to vote Friday on two healthcare data related bills that both passed through the House Rules Committee on Wednesday.
The Office of Personnel Management Dec. 27 issued a draft description of a formal records management occupational series. The draft position clarification flysheet for records management professionals intends to fulfill a requirement under President Obama's 2011 memorandum on managing government records.
A European Parliament committee is getting ready to recommend suspension of the safe harbor agreement allowing American companies to attest they meet the union's data protection requirements and so legally process Europeans' data.
Fallout from the possible insertion of a backdoor by the National Security Agency into a random bit generator algorithm published by the National Institute of Standards and Technology continues to propagate, with it now casting doubt on computer security firm RSA.
The most successful public sector crowdsourcing projects simply focus on encouraging maximum crowd participation, finds a recently published academic paper. And, where factors such as customization have proven important to e-commerce, crowdsourcing participants appear to care little about a custom experience.
The dominant contemporary approach to cybersecurity is analogous to public health, "in which education, monitoring, epidemiology, immunization and incident response" are key planks, write Sandro Gaycken and Greg Austin, both of fellows at the EastWest Institute, in a new paper.
A slow transition to federal telecommunications contract Networx caused agencies to miss out on $329 million worth of savings and the GSA to spend an extra $66.4 million on supporting it, finds the GAO. A newly released Dec. 5 GAO report attributes the protracted transition to the GSA-managed set of telecom contracts awarded in 2007 from the previous contract vehicle FTS2001 to a complex acquisition process and agency weaknesses in project planning.
The Defense Department's dedication to offensive cyberspace capabilities--anywhere from 2.5 to 4 times greater than defensive measures when measured by research dollars--rests on a false set of assumptions, said Peter Singer, a senior fellow at the Brookings Institution.
The Gulf region of the Middle East has emerged as a flashpoint for cyber conflict after becoming infected with targeted advanced malware such as Stuxnet and as area governments have also become sensitized to the Internet's new role as a protest organizing tool, writes the Center for Strategic and International Studies' James Lewis.
The Postal Service could help sustain its advertising mail business by adding a scannable code for recipients to provide feedback to advertisers, a report from the office of inspector general says.
Two Oxford University academics say there's potential in looking at Google searches and Wikipedia pageview trends for predicting the outcomes of elections. In a December paper, Taha Yasseri and Jonathan Bright, both of the Oxford Internet Institute, acknowledge that search activity suffers from the immediate problem of being opaque about the searcher's sentiments.
The Federal Aviation Administration still has work ahead of it before it can turn a database of aviation safety data into an tool capable of making predictive analytics, says the Transportation Department office of inspector general.
A computer code that will terminate Social Security benefits for some beneficiaries who are at least 115 years old is among the steps that the Social Security Administration is undertaking to improve its death records.
The Federal Emergency Management Agency is taking first steps toward redesigning the service oriented architecture that virtually consolidates multiple public alerting systems.
Since the Veterans Affairs Department restarted its pharmacy reengineering software development project, or PRE, in 2009 it has missed milestones, lacked appropriate oversight and faces an uncertain future in terms of compatibility with other VA electronic health record plans, finds a Dec. 23, 2013 office of inspector general report (.pdf).
This year's national defense authorization act, signed into law by President Obama Dec. 26, includes Senate Armed Services Committee language requiring development of a new cyber attack deterrence policy. The concept of cyber deterrence can be controversial, with critics worried that genuine cyber attacks get conflated with data theft and that established mechanisms for deterrence such as broadcasting offensive capabilities could backfire on the United States.