The term “computer glitch” has become a shorthand way of avoiding responsibility for failures when information technology doesn’t work. With IT underlying so much of our lives and economy we should expect to know what went wrong and why. It has been a busy week for the computer glitch. On Wednesday, July 8, United Airlines … Continue reading It’s time to ditch the “glitch”
William Jackson
DHS gets mandate to implement interoperable communications
More than a decade after its creation, agencies of the Homeland Security Department still are not able to effectively communicate with each other. A bill now awaiting the president’s signature would require DHS to create a strategy for interoperable communications. Since its formation in 2003, the Homeland Security Department (DHS) has awarded $18.5 billion in … Continue reading DHS gets mandate to implement interoperable communications
GAO: Agencies still have a long way to go in improving cybersecurity
Some governmentwide programs offer the promise of improved security in federal information systems, but cybersecurity remains a high risk area and threats to sensitive personal information continue to grow. After almost 20 years on the Government Accountability Office’s (GAO) list of high risk programs, federal information security remains inadequate and threats to sensitive information being … Continue reading GAO: Agencies still have a long way to go in improving cybersecurity
There is plenty of blame to go around for recent government breaches
As the administration “sprints” to close gaps in federal cybersecurity and Congress rushes to judgment on breaches of federal personnel data, the real problem is a lack of accountability and responsibility in both the executive and legislation branches. In the wake of potentially devastating breaches of government personnel records, the White House has launched what … Continue reading There is plenty of blame to go around for recent government breaches
Government moves to a secure connection standard for websites
The White House has established an HTTPS-only standard for federal websites, requiring all public sites to use the encrypted connection protocol within 18 months. Agencies can leverage private sector experience in making the switch. Declaring that Americans deserve a high level of assurance when visiting federal websites, the White House has mandated that all agencies adopt … Continue reading Government moves to a secure connection standard for websites
More bad news yet to come from government breaches
Major back-to-back breaches at federal agencies illustrate a vicious circle in cyberattacks: Personal information stolen in one breach is being reused to enable secondary breaches. Expect data stolen from OPM to be used elsewhere. More bad news this week on the cyber front. The U.S. Office of Personnel Management (OPM) announced a breach of its … Continue reading More bad news yet to come from government breaches
New Internet Protocols emerging as a vector for DDoS attacks
The adoption of IPv6 is opening up new attack vectors for Denial of Service attacks as researchers probe the next generation of Internet Protocols for weaknesses, according to the most recent State of the Internet—Security report from Akamai. Distributed Denial of Service attacks (DD0S) became more common and more robust in the first quarter of … Continue reading New Internet Protocols emerging as a vector for DDoS attacks
Time to give up Windows Server 2003
Microsoft is ending support for its Windows Server 2003 in July, and millions of servers the still are running the OS. It already is too late for many to plan an orderly migration to a current OS, but some steps should be taken. Microsoft will end support for its Windows Server 2003 operating system on … Continue reading Time to give up Windows Server 2003
A workable cybersecurity bill? Maybe.
The latest entrant in the increasingly crowded field of proposed cybersecurity legislation appears to offer adequate protections on personal information as well as appropriate corporate shields. We’ll see. There is a new entrant in the increasingly crowded field of proposed cybersecurity legislation. The Cybersecurity Information Sharing Act of 2015, (S.754), was introduced by Sen. Richard … Continue reading A workable cybersecurity bill? Maybe.
New DOD Cyber Strategy puts a new focus on private infrastructure
The latest Cyber Strategy, released this week by the Pentagon, refines the nation’s strategic goals in cyberspace and recognizes for the first time the DOD’s responsibility to protect private sector networks that are not necessarily critical infrastructure. The Pentagon has released its latest Defense Department Cyber Strategy, updating its original strategy released in 2011 and … Continue reading New DOD Cyber Strategy puts a new focus on private infrastructure