Cybersecurity has grown in importance as networked systems become irreplaceable methods for delivering federal services and enabling day-to-day operations. The Office of Management and Budget reported in March 2010 that during fiscal 2010 agencies identified 41,776 cyber incidents--a 39 percent increase in cyber attacks over the previous year.

Big changes are afoot in the federal cyber arena, with the Defense Department having stood up Cyber Command, the Homeland Security Department readying active defense measures for federal networks and the entire federal government debating the role it should play in securing critical infrastructure in private sector hands. 



Latest Headlines

Latest Headlines

Lawmakers may force VA to act on information security

Perennial information security weaknesses at the Veterans Affairs Department have led a House Veterans' Affairs subcommittee to consider legislation to compel the VA to address them, perhaps at the expense of its discretion. The draft legislation would require "very specific security control activities," said Greg Wilshusen, a Government Accountability Office official who reviewed it.

Cybersecurity training at EPA too specific or too general

The Environmental Protection Agency's primary tool for information security training is too technical for executives but too general for technical personnel, say auditors.

European Parliament approves cybersecurity cooperation legislation

Legislation aiming to improve cybersecurity cooperation between European Union member states passed the European Parliament March 13. All member states would also have to establish a computer emergency response team to handle cybersecurity incidents.

Major departments seek continuous monitoring acquisition independence from DHS

Some federal agencies are choosing to buy continuous monitoring tools independently of the Homeland Security Department-set schedule for the Continuous Diagnostics and Mitigation Program despite forfeiting DHS procurement money for those tools.

DoD abandons DIACAP in favor of the NIST risk management framework

An effort to align defense and federal civilian cybersecurity guidance culminated this month with the Defense Department jettisoning its specialized certification and accreditation process.The change is an expected one that grew in likelihood as the DoD and NIST actively sought over the past few years through a joint task force common ground in their cybersecurity guidance documents.

NIST requests $8M increase for NSTIC

An Obama administration effort to replace online passwords with an "identity ecosystem" led by the National Institute of Standards and Technology would receive $24.5 million under the White House budget proposal for the coming fiscal year.

NIST seeks increased funding for securing cyber-physical systems

A new generation of smart systems that network previously stand-alone devices – such as your thermostat – also bring the potential for dramatic new cyber attacks, says the National Institute for Standards and Technology. In newly released details of the agency's  budget proposal  for the coming year, NIST says it needs $18.8 million to study "cyber-physical systems," with $5 million of that dedicated to improving their security.

Encryption, access control problems common for state Medicaid agencies

Problems with encryption and access control are common among the systems used to process Medicaid claims, says a report from the Health and Human Services Department office of inspector general.

Spotlight: Liability protection unresolved cyber threat sharing impediment, says Alexander

A significant unsolved challenge to cyber threat information sharing between the federal government and the private sector is how to address liability, said outgoing National Security Agency head Gen. Keith Alexander.

Streufert: Agencies aren't dropping out of DHS continuous monitoring program

Reports that major federal departments are refusing to participate in a Homeland Security Department-led contract for continuous monitoring tools are untrue, said a DHS official Tuesday.