The OPM now says that the fingerprints of 5.6 million persons were stolen in its catastrophic data breach. For the moment, at least, the loss of a Social Security number probably is more serious. But that could change. There is no way to make it sound good. The theft by hackers of the fingerprints of … Continue reading How Serious is the OPM Fingerprint Breach?
William Jackson
Can Cyber Insurance Help You Become More Secure?
A report from PricewaterhouseCoopers predicts rapid growth in the cyber insurance market in the next five years and identifies some weaknesses in the industry. Its recommendations could help improve global cybersecurity. Cybersecurity insurance has gotten quite a bit of attention in the past couple of weeks. A report by PricewaterhouseCoopers predicts significant growth in the … Continue reading Can Cyber Insurance Help You Become More Secure?
GPS Could Be At Risk
After years of delays and cost overruns in the GPS modernization program, the DOD system is in danger of falling out of date and dropping below the threshold for the number of satellites needed to ensure reliable positioning data for military and civilian users. About eight years ago the Air Force began a multi-billion-dollar program … Continue reading GPS Could Be At Risk
“How To” Guide for ID and Access Management in the Electric Industry
A NIST panel, working with the electric industry, has developed a guide for centralizing ID and access management to better protect the evolving Smart Grid from online and internal threats. As the electric power industry upgrades its legacy systems to an interactive Smart Grid that enables remote monitoring and a two-way flow of information, vulnerabilities … Continue reading “How To” Guide for ID and Access Management in the Electric Industry
FCC Reminds Commercial WiFi Providers that the Airwaves Belong to the public
The FCC has fined a networking company for blocking independent WiFi access in convention halls, the second major action against companies using deauthentication technology in two years. Blocking any legal radio communications is illegal. If you take your laptop or tablet to tradeshows and conferences, you know it can be a headache connecting to the … Continue reading FCC Reminds Commercial WiFi Providers that the Airwaves Belong to the public
U.S. Seeks Better International Cooperation on Cybersecurity Standards
The Obama administration wants to leverage U.S. participation in international standards-making to improve the nation’s cybersecurity. The Obama administration wants to improve coordination between federal agencies and with other nations in developing technical standards to help improve U.S. cybersecurity. The nation’s economy and security increasingly depend on the use of commercial IT products and international … Continue reading U.S. Seeks Better International Cooperation on Cybersecurity Standards
FedRAMP Continues its Evolution
Six months into FedRAMP Forward, a two-year initiative to improve agency adoption of cloud services, the program is citing success and continuing to fine tune policies. The FedRAMP Program Management Office says that 82 percent of more than 1,400 federal cloud implementations have received FedRAMP authorization and that the program saves an estimated $70 million … Continue reading FedRAMP Continues its Evolution
Senators Want Agencies to Get Serious About Cybersecurity; But is Congress Serious?
A Senate bill would require agencies to deploy the EINSTEIN intrusion prevention system and implement basic cybersecurity practices in an effort to stem breaches of federal information systems. It remains to be seen whether additional congressional mandates would make any difference. The Senate Homeland Security and Governmental Affairs Committee has approved a bill that would … Continue reading Senators Want Agencies to Get Serious About Cybersecurity; But is Congress Serious?
Working to keep PIV credentials up-to-date
The government has issued millions of PIV cards containing digital credentials to federal employees and contractors. Although government still lags in using these credentials for secure access to IT systems, NIST is working to keep the credentials relevant in a mobile world. The National Institute of Standards and Technology is asking for feedback on a … Continue reading Working to keep PIV credentials up-to-date
IPv4 enters the final countdown in North America
The pool of available IPv4 addresses—Internet Classic—is entering its final phase of depletion, according to North America’s regional Internet registry. This does not mean that IPv4 will be disappearing any time soon, but it does mean that growth in the Internet will require adoption of the next generation IPv6 addresses, or that organizations will have … Continue reading IPv4 enters the final countdown in North America