Six deliverables were unveiled across government May 23--20 percent of all the goals laid out in the plan. Five of the announcements were directly related to mobile adoption, use and services in the federal government, while one advances open data efforts around APIs and data.gov.
The risk of a cyber attack executed via corrupt hardware inserted into a global supply chain is considered to be low in the private sector, reports the Government Accountability Office.
CAMBRIDGE, Md.--The National Strategy for Trusted Identities in Cyberspace will succeed where other federal attempts at offering the public a common online identity have not, said Jeremy Grant, senior executive advisor for identity management at the National Institute of Standards and Technology. Grant spoke May 21 during a panel session during the annual ACT-IAC Management of Change conference.
"Technology doesn't always carry the day when you need to present a program to a set of executives in a federated organization," said Commerce Department Chief Information Security Officer Rod Turk during a May 20 panel discussion at ACT-IAC's Management of Change Conference in Cambridge, Md. Department CISOs and the teams that support them have to coordinate with an array of stakeholders.
Departures at the executive level have garnered some attention in recent years starting with the departure in fall 2011 of Sean McGurk, then the head of the National Cybersecurity and Communications Integration Center. "What does it say about the department's cyber organization when it cannot retain its senior cyber leadership as well?" said Rep. Yvette Clarke (D-N.Y.).
An analysis of comments received so far by the National Institute of Standards and Technology to the cybersecurity framework called for by President Obama's February cybersecurity executive order shows respondents so far show risk management approaches to be a matter of nearly universal concern.
The House Appropriations homeland security subcommittee fiscal 2014 spending bill, to be marked up by the subcommittee May 16, proposes spending $786 million for Homeland Security Department cybersecurity operations, says a committee statement . That amount would total $24 million below the White House request and $30 million above the fiscal year 2013 enacted level, the committee adds.
Environmental Protection Agency auditors say information technology controls at Office of Research Division research facilities need improvement following an assessment of five facilities that uncovered vulnerabilities such as unsecured workstations.
The Cold War staple of deterrence through brandishing weapon capabilities is far more complex when it comes to the cyber domain, notes a Rand scientist in a paper commissioned by the office of the secretary of defense.
Beyond asking agencies to guard against the release of data with personally-identifiable information, the Open Data Policy published by the White House May 9 directs agencies to account for the "mosaic effect" of data aggregation. The mosaic effect occurs when information alone is not identifiable but when coupled with other available information poses a privacy or security risk.