Working to keep PIV credentials up-to-date

The government has issued millions of PIV cards containing digital credentials to federal employees and contractors. Although government still lags in using these credentials for secure access to IT systems, NIST is working to keep the credentials relevant in a mobile world. The National Institute of Standards and Technology is asking for feedback on a … Continue reading Working to keep PIV credentials up-to-date

IPv4 enters the final countdown in North America

The pool of available IPv4 addresses—Internet Classic—is entering its final phase of depletion, according to North America’s regional Internet registry. This does not mean that IPv4 will be disappearing any time soon, but it does mean that growth in the Internet will require adoption of the next generation IPv6 addresses, or that organizations will have … Continue reading IPv4 enters the final countdown in North America

It’s time to ditch the “glitch”

The term “computer glitch” has become a shorthand way of avoiding responsibility for failures when information technology doesn’t work. With IT underlying so much of our lives and economy we should expect to know what went wrong and why. It has been a busy week for the computer glitch. On Wednesday, July 8, United Airlines … Continue reading It’s time to ditch the “glitch”

DHS gets mandate to implement interoperable communications

More than a decade after its creation, agencies of the Homeland Security Department still are not able to effectively communicate with each other. A bill now awaiting the president’s signature would require DHS to create a strategy for interoperable communications. Since its formation in 2003, the Homeland Security Department (DHS) has awarded $18.5 billion in … Continue reading DHS gets mandate to implement interoperable communications

GAO: Agencies still have a long way to go in improving cybersecurity

Some governmentwide programs offer the promise of improved security in federal information systems, but cybersecurity remains a high risk area and threats to sensitive personal information continue to grow. After almost 20 years on the Government Accountability Office’s (GAO) list of high risk programs, federal information security remains inadequate and threats to sensitive information being … Continue reading GAO: Agencies still have a long way to go in improving cybersecurity

There is plenty of blame to go around for recent government breaches

As the administration “sprints” to close gaps in federal cybersecurity and Congress rushes to judgment on breaches of federal personnel data, the real problem is a lack of accountability and responsibility in both the executive and legislation branches. In the wake of potentially devastating breaches of government personnel records, the White House has launched what … Continue reading There is plenty of blame to go around for recent government breaches

Government moves to a secure connection standard for websites

The White House has established an HTTPS-only standard for federal websites, requiring all public sites to use the encrypted connection protocol within 18 months. Agencies can leverage private sector experience in making the switch. Declaring that Americans deserve a high level of assurance when visiting federal websites, the White House has mandated that all agencies adopt … Continue reading Government moves to a secure connection standard for websites

More bad news yet to come from government breaches

Major back-to-back breaches at federal agencies illustrate a vicious circle in cyberattacks: Personal information stolen in one breach is being reused to enable secondary breaches. Expect data stolen from OPM to be used elsewhere.  More bad news this week on the cyber front. The U.S. Office of Personnel Management (OPM) announced a breach of its … Continue reading More bad news yet to come from government breaches

Snow Crash and the Future of Now

Cyberpunk author Neal Stephenson pulled off a difficult feat in his techno-thriller “Snow Crash;” he created a future that does not seem dated 25 years after it was written. How close did he come in predicting the early 21st Century? I’ve been rereading “Snow Crash,” an early techno-thriller by Cyberpunk author Neal Stephenson. It’s a great … Continue reading Snow Crash and the Future of Now

New Internet Protocols emerging as a vector for DDoS attacks

The adoption of IPv6 is opening up new attack vectors for Denial of Service attacks as researchers probe the next generation of Internet Protocols for weaknesses, according to the most recent State of the Internet—Security report from Akamai. Distributed Denial of Service attacks (DD0S) became more common and more robust in the first quarter of … Continue reading New Internet Protocols emerging as a vector for DDoS attacks