Cloud Computing, Cyber Security, IT Security, Security, Technology

Commerce’s IT modernization is all about shared services

Commerce Secretary Penny Pritzker challenged her senior technology managers to be more collaborative and coordinated in modernizing the agency’s technology infrastructure.

The result of that challenge is a four-pronged approach to the sharing of IT resources.

Steve Cooper, the Commerce Department’s chief information officer, said four working groups are examining the opportunities across technology, finance, human resources and acquisition.

“We are moving toward achieving true shared services in the sense that whatever services are identified by each of those work streams we will then, most likely — and we haven’t done this yet but this is where we are heading — by the end of quarter two or the beginning of quarter three of this fiscal year so we are making very good progress…the idea will be for those services that we agree are viable and could be delivered through a shared services set of providers,” Cooper said. “We’ll likely create an organization inside the Department of Commerce that then would be tasked with the responsibility to select those providers in each of the four functional areas, manage, put service level agreements in place, put appropriate metrics in place and ensure the successful quality delivery of those shared services.”

Cooper said the bureau level CIOs are very supportive of this effort, which, in some ways, pleasantly surprised him.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Anthem breach prompts White House adviser to nudge Congress

The massive cyber attack on Anthem has prompted top White House advisers to encourage Congress to fast-track legislation to bolster the protection of consumer data.

This latest breach, which exposed the sensitive information of 80 million of the managed health services company’s current and former customers and employees, makes the case for “a single national standard to protect consumers from data breaches,” John Podesta, counselor to President Obama, told reporters in a Thursday conference call, according to a Bloomberg report.

Congress is mulling several breach and data protection initiatives, with the House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade holding hearings on what future legislation might look like. Obama has been quite vocal in calling for a national data breach notification law during his State of the Union address as well as a student data privacy act.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

DHS WANTS TO PLUG HOLES IN CYBER DEFENSES WITH BIG DAT

The Department of Homeland Security has a new big idea for improving the cybersecurity of federal agencies and key private industries: big data.

A White House progress report released Feb. 5 detailing how the federal government is seizing big data opportunities said DHS is “working across government and the private sector to identify and leverage the opportunities big data analytics presents to strengthen cybersecurity.”

When queried by Nextgov, a DHS spokesman declined to provide details about the big data efforts outlined in the report.

But in a conference call with members of the President’s National Security Telecommunications Advisory Committee that same day, White House and DHS officials provided glimpses into a number of ongoing initiatives that aim to fuse traditional cyber-defense methods with the real-time intelligence rendered by robust data analytics.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Wearables will fuel a massive surge in mobile data by 2019

The rapidly growing popularity of wearable devices will lead to a surge in volume of mobile traffic, Cisco is predicting.

Cisco forecasts that 578 million wearable devices will be in use around the globe by 2019, up from 109 million last year. That’s a fivefold increase, but the resulting mobile data traffic will increase by a factor of 18 — though most of that traffic will be channeled through smartphones, the networking giant claimed Tuesday in its annual look ahead at traffic trends.

Some wearables, like the upcoming Apple Watch, require using a smartphone to transmit data. But the devices on average already generate six times more traffic per month than a basic handset, Cisco said. Its high-end example of a wearable is a GoPro video cameras, which can generate about 5 MB of mobile data traffic per minute when live streaming.

Overall, there will be 11.5 billion mobile connections by 2019. Of those, 8.3 billion will come from personal mobile devices such as smartphones, tablets and laptops, which Cisco claimed will see a resurgence as they take on more features found in tablets.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Drones and cybersecurity Part 2: Solutions

Drones and cybersecurity part 1: The challenges we face and cybersecurity’s role,” we’ve heard of more incidents of drones flying around and near airports, discussions about the exploding use of drones for official, commercial, and private use, …and a private drone crashing on the White House lawn. Safe to say the sense of urgency has ratcheted up quite a bit.

Conventional methods to detect and mitigate threats from drones are limited; radars either don’t detect drones or characterize them incorrectly (i.e. migratory birds). Additionally, if radar does detect the drone, it cannot mitigate the threat or identify the source. Clearly a comprehensive solution that finds and IDs the drone platform, mitigates the threat safely, and provides forensic evidence to government and law enforcement officials is necessary whether you’re protecting the Super Bowl, an airport, or a government facility.

As I mentioned last time, drones have onboard logic and communications channels, therefore the use of advanced cybersecurity platform protection techniques can be employed. Defense contractors and technology companies alike are developing cybersecurity solutions to address the aforementioned challenges. One approach that has been developed creates a “cyber fence” that employs the use of cyber defense techniques found on traditional IT networks, except it uses those techniques against platforms such as drones. This cyber fence can be integrated into other physical, electronic, and cyber defense mechanisms to offer full protection against this threat.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

State-sponsored Chinese hackers reportedly suspected in Anthem breach

Hackers involved in the data breach at U.S. health insurer Anthem may have ties to the Chinese government, according to a news report.

Investigators see techniques used by a nation-state attacker, with China a leading suspect, reported Bloomberg Business. The news report cited information from three people close to the investigation, being conducted by the U.S. FBI and private cybersecurity firm Mandiant.

The investigation is in its early stages, but some of the software and techniques used in the Anthem attack are similar to other attacks used almost exclusively in the past by China, according to the Bloomberg article.

The personal information, including Social Security numbers and email addresses, of about 80 million people may be exposed in the breach, according to Anthem. Anthem has 37.5 million subscribers for its health plans, and more than 68 million people are customers of its affiliated companies under brands including Blue Cross and Blue Shield, Empire Blue Cross and Amerigroup.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

EXCLUSIVE: OPM MONITORING ANTHEM HACK; FEDS MIGHT BE AFFECTED

The Office of Personnel Management is keeping a close eye on details emerging about a hack at the second biggest U.S. health insurer, Anthem Inc., which provides coverage to 1.3 million federal employees.

Anthem runs the Blue Cross-Blue Shield Service Benefit Plan, better known as the Federal Employee Program, or FEP, in many states, including Virginia, California and New York.

“OPM is closely monitoring the situation,” an agency spokesman told Nextgov. “Anthem informed OPM that it shut down the network in question and is working to ensure the security of its systems as it investigates the extent of the breach.”

When contacted by Nextgov on Thursday, Anthem officials were not ready to discuss the potential ramifications of the incident for current or former federal employee members.

In a statement, officials said intruders perpetrated “a very sophisticated attack” to break into Anthem’s systems, and the offenders “have obtained personal information relating to consumers and Anthem employees who are currently covered, or who have received coverage in the past.”

The affected database housed records on roughly 80 million customers and tens of millions of records were copied, according to The Wall Street Journal, which first reported the incident.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Army turns to commercial partners to keep ISR edge

Facing both shrinking research and development budgets and a need to adopt faster and more flexible ISR network technologies, such as software-defined networks (SDNs), the Army is now looking to its commercial partners for assistance in developing innovative solutions.

“We work closely with both internal — Army and [Department of Defense] — research facilities, as well as contractors from multiple fields supporting cyberspace,” said Lt. Col. Jackie Jones, a spokesman for the Advanced Concepts and Technology Directorate (ACTD) of Army Cyber Command in Fort Belvoir, Virginia. Jones said the decision to work in closer collaboration with commercial partners is being made out of necessity. “While DoD research facilities may expand the number of technologies they develop and evaluate, they are not growing in capacity at the same rate as the civilian marketplace.”

Jones noted that by forming close ties with industry, academic and other external R&D organizations, the Army hopes to achieve and maintain a thorough understanding of all emerging ISR network technologies. “Currently, not all cyberspace capability requirements from commanders can be accomplished with existing technologies,” he said. “As operations being conducted in and through cyberspace become more integrated within military operations … research and development into new capabilities will be necessary for the Army to stay at the leading edge of technology with respect to our adversaries.”

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Obama budget pushes better decisions using open data

Included in the president’s 2016 budget proposal are several initiatives to increase access to data and improve the government’s evidence-based decision making.

“The administration is committed to continuing cost-effective investment in federal statistical programs in order to build and support agencies’ capacity to incorporate evidence and evaluation analyses into budget, management and policy decisions,” the budget reads. “The 2016 budget includes a package of proposals that would make additional administrative data from federal agencies and programs legally and practically available for policy development, program evaluation, performance measurement and accountability and transparency efforts.”

Overall, the president’s budget offers a 2.5 percent increase for statistical programs, rising from $4.2 billion in 2015 to $5.2 billion under the 2016 proposal.

One of the largest data-producers in the federal government, the Census Bureau, would get an additional $10 million to continue building out its collection of datasets and the infrastructure that allows users to collate, analyze and share that data.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard
Cloud Computing, Cyber Security, IT Security, Security, Technology

Stopping the Next Cyber-Attack

Chances are, your company’s computers will come under attack sometime soon. The perpetrators may want to steal personal information. They may want trade secrets or intellectual property. They may simply want to annoy you.

Whatever their motives, by one estimate cybercrime is already costing the global economy more than $400 billion a year. After years of unproductive debate, the U.S. government finally looks ready to get serious. A big cybersecurity bill is likely to be introduced soon.

The question that springs to mind is whether that remedy might be more harmful than the disease. When it comes to digital security, the government — to put it mildly — can no longer take the country’s trust for granted. A systematic assault on cybercrime is necessary, but the policy must have safeguards and oversight built in from the start, not tacked on as afterthoughts.

Read More

Cyber Security World Conference 2015 New York City, July 10, brings together information security experts and senior executives focused on protecting today’s enterprises from internal and external cyber attacks; the list of firms just keeps growing: Adobe, ADP, Citigroup, E*Trade, Fidelity, Home Depot, HSBC, JPMorgan Chase, Nasdaq, Neiman Marcus, Target and Wal-mart. Our experts will discuss strategies to strengthen corporate defenses, the cybersecurity framework, risks brought by mobile computing, lessons for the boardroom and protecting national infrastructure against foreign attacks. More information at http://cybersecurityworldconference.com.

Standard