William Jackson

Despite increased efforts by the IRS to catch fraudulent tax returns, the growth in electronic filing has produced a tidal wave of phony philings during the 2015 tax season. I had a number of unpleasant surprises while doing my taxes this year. (Has anyone ever had a pleasant surprise while doing his taxes?) The first … Continue reading Some nice stranger filed my 2014 tax return

The marijuana industry still operates in a legal limbo but is beginning to emerge from the underground as a big business. InvestinCannabis.com wants to leverage IT to help the nascent industry grow, including helping medical marijuana dispensaries to comply with HIPAA. Pot has been a big business for decades, but with the recent liberalization of … Continue reading Investing in cannabis, and helping the pot industry become HIPAA compliant

In the absence of congressional action on cybercrime, this week’s executive order is a significant new step in dealing with what the president called a national emergency. Former NSA director Keith B. Alexander said recently that the government has a responsibility to protect private companies in cyberspace. Because companies are forbidden to retaliate against their … Continue reading The President’s Executive Order on Cybercrime takes the problem seriously

The National Checklist Program is a resource for configuring IT products to help ensure a baseline of security is being met. A revised set of guidelines for using checklists is available for review. Understanding and maintaining the configuration of IT systems and devices is a key part of IT security. But with scores or hundreds … Continue reading National Checklist Program is a resource for maintaining baseline security

With an initial $7 billion and a block of radio spectrum in hand, FirstNet—charged with creating a nationwide public safety network—has to decide how to fully fund, build and operate the network. The First Responder Network Authority—FirstNet—the independent authority overseeing development of a nationwide broadband network for first responders, expects to release this month a … Continue reading FirstNet has tough decisions ahead about its public safety network

Although everyone agrees that information sharing is essential to effective cybersecurity, issues of trust between the private sector and government and among governments make this a challenge that can only be addressed by Congress. Retired General and Former NSA Director Keith Alexander said recently that without more effective sharing of threat information the nation’s cybersecurity … Continue reading Untangling the knotty problem of information sharing

As NIST opens a new round of pilot grants for identify verification schemes, a number of earlier NSTIC pilots already have proved their worth in solving the knotty problem of managing identities online. The National Institute of Science and Technology has announced its fourth round of grants to fund pilot programs for innovative identity verification … Continue reading NSTIC pilots provide real world options for identity management

One year after publication, the administration’s Cybersecurity Framework remains a work in progress, but it is helping to drive and define discussions on the need for cybersecurity as an integral part in the risk management of our critical infrastructure. The administration’s Framework for Improving Critical Infrastructure Cybersecurity marked its first birthday this month, and although … Continue reading The Cybersecurity Framework at One Year

The Commerce Department’s budget request for fiscal 2016 includes 7 percent increase in cybersecurity funding at NIST to support research and standards development to protect the nation’s IT systems and critical infrastructure. The additional $7 million would help fund 10 new full time positions to expand the institute’s work in cryptography and privacy. The National … Continue reading NIST seeks modest bump in cybersecurity funding in ’16 budget request

The first two-and-a-half years of FedRAMP—the government’s program to jump-start adoption of cloud computing through blanket security authorizations for service providers—has been a success; but the Federal CIO Council has created a two-year roadmap to speed agency adoption of cloud services, increase the pool of certified service providers, and keep security requirements up to date. … Continue reading FedRAMP Forward—Government’s roadmap for Cloud Computing