Government - Page 33 - Results from #640

Discover Government News

Intelligence Community's New Approach to Security Certification Reform

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The intelligence community is turning to Defense services and agencies, as well as representatives from industry and academia, to help them overhaul their outdated and ineffective certification and accreditation processes. This month, personnel will begin receiving invitations to participate in one of two teams—a green team and a gold team—that will ultimately make suggestions on how to improve certification and accreditation processes across the intelligence community.

Brittany Day
May 26, 2006

OMB Directs Federal Agencies To Enhance Personal Data Security

The Office of Management and Budget has directed agencies’ senior privacy officials to review and correct any policies and processes to ensure that they protect against misuse of or unauthorized access to personally identifiable information.

Brittany Day
May 23, 2006

State Department: Lenovo Hardware Risks Lead To Security Restrictions

The State Department, reacting to security concerns after its purchase of computers from a Chinese company, will not use the equipment for classified information, an aide to Virginia Republican Rep. Frank Wolf said on Thursday.

Brittany Day
May 21, 2006

Commerce Department Enhances Security Training Through ISC2 Program

The Commerce Department has awarded a task order to the International Information Systems Security Certification Consortium, or (ISC)2, to provide an expanded information security education program for the department’s information security employees.

Brittany Day
May 19, 2006

UK Law: Encryption Key Disclosure by Individuals and Businesses

Businesses and individuals may soon have to release their encryption keys to the police or face imprisonment, when Part 3 of the RIP Act comes into effect. The UK Government is preparing to give the police the authority to force organisations and individuals to disclose encryption keys, a move which has outraged some security and civil rights experts.

Brittany Day
May 18, 2006

Open Source Revolutionizes Government Security Standards and Choices

Open-source stacks are poised to shake up the world of government security certifications, such as the National Institute of Standards and Technology's Federal Information Processing Standard 140-2 and the National Information Assurance Partnership's Common Criteria ratings. Agencies that must buy software to meet these standards are finding that an open-source, modular approach can provide new choices on the marketplace.

Benjamin D. Thomas
May 17, 2006

Understanding Telecom Data Privacy Amid NSA Requests and Customer Rights

Imagine being the head of a major telecommunications company in the United States. You and your lawyers have developed a carefully worded privacy policy to conform with the law. In it you tell your customers that you do not share information about your customers' use of your services except for particular business purposes, and to ensure that the calls get through. You also tell your customers that you, of course, give information in response to lawful subpoenas or lawful mandates of law enforcement agencies. And that's about it.

Brittany Day
May 15, 2006

New Federal Legislation to Address Identity Theft Through SSN Restrictions

Democratic and Republican politicians on Thursday both promised to enact new federal laws by the end of the year that would restrict some commercial uses of Social Security numbers, which are often implicated in identity fraud cases. "Whether Social Security numbers should be sold by Internet data brokers to anyone willing to pay, indistinguishable from sports scores or stock quotes... to me, that's a no-brainer," Texas Republican Joe Barton, chairman of the U.S. House of Representatives Energy and Commerce Committee, said at a hearing. Such a practice should not be allowed, he said, "period, end of debate."

Brittany Day
May 12, 2006

Exploring SCADA Threats in Critical Infrastructure and Their Impact

As government and industry start taking the cybersecurity of industrial control systems more seriously, shocking and funny stories are emerging.

Brittany Day
May 11, 2006

Privacy Risks In National Electronic Health Records Network

WASHINGTON D.C. -- The push for a national network of electronic medical records poses significant privacy risks at the same time that it promises to save lives, said members of a panel here at the Computer, Freedom and Privacy Conference on Wednesday.

Brittany Day
May 11, 2006

Diebold: Critical Security Flaw Threatens Election Integrity

Elections officials in several states are scrambling to understand and limit the risk from a "dangerous" security hole found in Diebold Election Systems Inc.'s ATM-like touch-screen voting machines. The hole is considered more worrisome than most security problems discovered on modern voting machines, such as weak encryption, easily pickable locks and use of the same, weak password nationwide.

Brittany Day
May 10, 2006

NIST Performance Metrics Guidance for Federal IT Security Compliance

The National Institute of Standards and Technology has released the initial public draft of its Special Publication 800-80 titled Guide for Developing Performance Metrics for Information Security. NIST is inviting public comment on the guidance, which provides a methodology for linking information security program performance to agency performance. It is a companion guide to SP 800-55, titled Security Metrics for Information Technology Systems, and uses security controls spelled out in a third NIST publication, SP 800-53 Recommended Security Controls for Federal Information Systems.

Brittany Day
May 05, 2006

Military Cyber Training Exercise Enhances Network Security Skills

In an obscure office park midway between Baltimore and Washington, about 50 men and women use laptop computers to break into networks at the nation's military service academies. When one of them is successful at penetrating a networked computer, they get up and ring a bell. "We hit a remote desktop on a workstation," one hacker proclaims. Everybody in the room breaks into applause, like the whole issue of national security is just a game -- and in this case, it is.

Brittany Day
May 04, 2006

Future of Security Strategy in Public Sector Transformation

Security deperimeterisation is at the heart of plans that underpin the Cabinet Office's high-profile transformational government programme, delegates at the Infosecurity Conference will be told today. Increasing demands for public sector bodies to exchange information and share IT services will mean that traditional approaches to security will no longer be appropriate, the Cabinet Office's security adviser will say. Steve Marsh, director of the Central Sponsor for Information Assurance, said that a new security architecture would play a key role in the transformational government plan.

Benjamin D. Thomas
Apr 26, 2006

Federal Cybersecurity Coordination Recommendations on R&D

The Bush administration has drafted a federal plan to improve cybersecurity research and development. Yesterday, the National Science and Technology Council, a Cabinet-level body that coordinates governmentwide science and technology policies, issued a preprint release of the “Federal Plan for Cyber Security and Information Assurance Research and Development.

Brittany Day
Apr 25, 2006

Impacts of Georgia's New Law on Computer Forensics and Licensing

A new law in Georgia on private investigators now extends to computer forensics and computer incident response, meaning that forensics experts who testify in court without a PI license may be committing a felony. In the U.S. television show "Medium," Patricia Arquette's character uses her "special psychic skills" to help solve crimes. If a new law passed by the Georgia legislature but not yet signed by the Governor goes into effect, not only could Miss Arquette's character face legal troubles, but thousands of computer security consultants would face the very real threat of jail time - simply for plying their trade.

Benjamin D. Thomas
Apr 25, 2006

In-Depth Analysis of NIST 800-53 Framework for Federal Security

Although it's less well known than some of the standards and models in place at many businesses today, an emerging framework being used within the federal government could help organizations improve their security, according to information security experts. NIST 800-53 was created in 2005 by the National Institute of Standards and Technology, as required by the Federal Information Security Management Act of 2002. It provides guidelines for selecting and specifying security controls for information systems that support the executive agencies of the U.S. government.

Benjamin D. Thomas
Apr 19, 2006

Jeanson James Ancheta's Guilty Plea: A Growing Cyber Threat

In January this year, 20-year-old Jeanson James Ancheta pleaded guilty in a California court to charges that he had broken into government computers and taken control of them for purposes of fraud. He had planted Trojan software on the systems at the China Lake Naval Facility in California's Mojave Desert, enabling him to manipulate computers on the network there. He had then used the computers to generate hits on Web site advertisements, for which the advertisers paid according to the traffic they received.

Benjamin D. Thomas
Apr 18, 2006

IRS Proposal: Addressing Tax Data Sharing Alongside Privacy Concerns

A rule change proposed by the U.S. Treasury Department and the Internal Revenue Service (IRS) has come under fire from privacy advocates who have taken issue with a clause allowing tax preparers to sell tax-return information to third parties. Introduced last December, the IRS change was proposed to update regulations that govern how tax preparers handle return information. These rules have not been changed since 1974, and the IRS wrote in the proposal that the revision will give preparers greater flexibility in the age of electronic filing.

Benjamin D. Thomas
Apr 17, 2006

Upcoming UK Computer Misuse Act Changes Targeting Cybercrime Legislation

MPs are preparing to get tough on hackers as the law on computer misuse and hacking is up for a revamp. For some years now, critics of the Computer Misuse Act (CMA) 1990 have said that gaps in the legislation have made it very hard to prosecute anyone. As a result, this summer the CMA will be updated by the new Police and Justice Bill, which will increase the scope and strengthen the sanctions available against hackers.

Benjamin D. Thomas
Apr 17, 2006

Community Poll

More Polls

Government - Page 33

2027 Budget Cuts Impact Linux Security Data Quality and Coordination

Austria: Enhancing Military IT Security and Sovereignty with LibreOffice

Understanding Schleswig-Holstein's Bold Move to Open Source