Publications

The Obama administration wants to leverage U.S. participation in international standards-making to improve the nation’s cybersecurity. The Obama administration wants to improve coordination between federal agencies and with other nations in developing technical standards to help improve U.S. cybersecurity. The nation’s economy and security…

Six months into FedRAMP Forward, a two-year initiative to improve agency adoption of cloud services, the program is citing success and continuing to fine tune policies. The FedRAMP Program Management Office says that 82 percent of more than 1,400 federal cloud implementations have…

A Senate bill would require agencies to deploy the EINSTEIN intrusion prevention system and implement basic cybersecurity practices in an effort to stem breaches of federal information systems. It remains to be seen whether additional congressional mandates would make any difference. The Senate…

The government has issued millions of PIV cards containing digital credentials to federal employees and contractors. Although government still lags in using these credentials for secure access to IT systems, NIST is working to keep the credentials relevant in a mobile world. The…

The pool of available IPv4 addresses—Internet Classic—is entering its final phase of depletion, according to North America’s regional Internet registry. This does not mean that IPv4 will be disappearing any time soon, but it does mean that growth in the Internet will…

The term “computer glitch” has become a shorthand way of avoiding responsibility for failures when information technology doesn’t work. With IT underlying so much of our lives and economy we should expect to know what went wrong and why. It has been a…

More than a decade after its creation, agencies of the Homeland Security Department still are not able to effectively communicate with each other. A bill now awaiting the president’s signature would require DHS to create a strategy for interoperable communications. Since its formation…

Some governmentwide programs offer the promise of improved security in federal information systems, but cybersecurity remains a high risk area and threats to sensitive personal information continue to grow. After almost 20 years on the Government Accountability Office’s (GAO) list of high risk…

As the administration “sprints” to close gaps in federal cybersecurity and Congress rushes to judgment on breaches of federal personnel data, the real problem is a lack of accountability and responsibility in both the executive and legislation branches. In the wake of potentially…

The White House has established an HTTPS-only standard for federal websites, requiring all public sites to use the encrypted connection protocol within 18 months. Agencies can leverage private sector experience in making the switch. Declaring that Americans deserve a high level of assurance…