A wrongheaded approach to cybersecurity and hostility toward federal workers make it likely that government cybersecurity—already a high-risk challenge—will get worse before it gets better.
Cybereye
A weekly column on all things cyber
The high-risk challenge of government cybersecurity
Federal cybersecurity has been in the GAO’s list of high-risk programs for 20 years, and there is no sign of its getting off any time soon. The biggest hurdle? It’s probably the workforce.
A new way to take the measure of our universe
NIST scientists are helping to redefine the standard units of measure that we use to make sense of our universe. The changes are expected to be adopted in November 2018 by the General Conference on Weights and Measures and would go into effect in 2019 on May 20 – World Metrology Day, the anniversary of the signing of the Treaty of the Meter.
Pass that Duby
An anonymous social media app, Duby, is building an online community for tokers who want to share what they are thinking and doing. The technology behind it is innovative and could be valuable to advertisers.
Here we go again: Looking ahead to 2017
2016 was enough to make anyone doubt his ability to make accurate predictions. But I’m confident that 2017 will be worse.
The long road to reliable software
NIST has produced a guide to producing software with fewer vulnerabilities. This is a necessary step to improving cybersecurity, but it will be a long time before our software infrastructure is reliable.
Fact-checking my 2016 predictions
Predicting things is easy. Predicting them accurately is more difficult. Here’s how I did on my predictions for this year.
Overcoming user resistance to stronger authentication
Online consumers say they want more security on their accounts, but they have to be prodded to adopt two-factor authentication.
New cybersecurity guidance for small businesses
NIST has revised its guidance to help small businesses establish cybersecurity programs. It is based on the Cybersecurity Framework, which has proved to be a versatile valuable document since its publication in 2014.
Is it too late to secure the Internet of Things?
A lot of attention has been given lately to the security in the Internet of Things. Unfortunately, there is already a widely installed base of vulnerable hardware and software that is being exploited for attacks. Are we doomed to another losing game of catch-up?