Publications

The government has issued millions of PIV cards containing digital credentials to federal employees and contractors. Although government still lags in using these credentials for secure access to IT systems, NIST is working to keep the credentials relevant in a mobile world. The…

The pool of available IPv4 addresses—Internet Classic—is entering its final phase of depletion, according to North America’s regional Internet registry. This does not mean that IPv4 will be disappearing any time soon, but it does mean that growth in the Internet will…

The term “computer glitch” has become a shorthand way of avoiding responsibility for failures when information technology doesn’t work. With IT underlying so much of our lives and economy we should expect to know what went wrong and why. It has been a…

More than a decade after its creation, agencies of the Homeland Security Department still are not able to effectively communicate with each other. A bill now awaiting the president’s signature would require DHS to create a strategy for interoperable communications. Since its formation…

Some governmentwide programs offer the promise of improved security in federal information systems, but cybersecurity remains a high risk area and threats to sensitive personal information continue to grow. After almost 20 years on the Government Accountability Office’s (GAO) list of high risk…

As the administration “sprints” to close gaps in federal cybersecurity and Congress rushes to judgment on breaches of federal personnel data, the real problem is a lack of accountability and responsibility in both the executive and legislation branches. In the wake of potentially…

The White House has established an HTTPS-only standard for federal websites, requiring all public sites to use the encrypted connection protocol within 18 months. Agencies can leverage private sector experience in making the switch. Declaring that Americans deserve a high level of assurance…

Major back-to-back breaches at federal agencies illustrate a vicious circle in cyberattacks: Personal information stolen in one breach is being reused to enable secondary breaches. Expect data stolen from OPM to be used elsewhere.  More bad news this week on the cyber front.…

Cyberpunk author Neal Stephenson pulled off a difficult feat in his techno-thriller “Snow Crash;” he created a future that does not seem dated 25 years after it was written. How close did he come in predicting the early 21st Century? I’ve been rereading…

The adoption of IPv6 is opening up new attack vectors for Denial of Service attacks as researchers probe the next generation of Internet Protocols for weaknesses, according to the most recent State of the Internet—Security report from Akamai. Distributed Denial of Service attacks…