A survey of federal IT and security personnel shows that a lack of money and skilled workers are the biggest impediments to security, and careless insiders represent the greatest threat. Doing more with less is not the answer; if leaders are serious about IT security they must put the money where the collective mouth is.
The latest revision of NIST’s catalog of security and privacy controls (SP800-53) addresses the challenges to both the public and private sectors of an increasingly interconnected information infrastructure that includes industrial control systems and the Internet of Things.
A contract has been awarded for a multi-billion dollar dedicated public safety network, which is supposed to be up and running within five years. But coverage, reliability and security remain challenges for the ambitious project.
The North American Electric Reliability Corp., which oversees bulk power system in the U.S. and Canada, needs a better view of the grid’s cybersecurity posture as threats and vulnerabilities increase.
According to some Berkeley researchers, the reason for the federal government’s cybersecurity workforce problem is that talented IT types don’t want to work in Washington.
The Dedicated Short Range Communications (DSRC) standard is being developed to support operational communications within and among vehicles. One security researcher says more thought needs to be given to securing DSRC and calls for an industry security framework.
Only two weeks remain to comment on the draft revision of the NIST Cybersecurity Framework, a document that has been widely adopted since its release in 2014.
As recreational and medical use of marijuana becomes legal in more states, there is a growing demand for tools and technology to move the drug from bootleg to effective medication. A small Massachusetts company is helping meet that demand.
A wrongheaded approach to cybersecurity and hostility toward federal workers make it likely that government cybersecurity—already a high-risk challenge—will get worse before it gets better.
Federal cybersecurity has been in the GAO’s list of high-risk programs for 20 years, and there is no sign of its getting off any time soon. The biggest hurdle? It’s probably the workforce.