Government Accountability Office auditors say a lack of prioritization has kept agencies from requiring the use of personal identification verification credentials to obtain access to federal computer systems.
The Dutch company that was deceived by hackers into issuing fraudulent digital certificates is liquidating its assets under the protection of a bankruptcy court in the Netherlands after failing to recover from the attack.
"It's important, in that climate today, where we have very sophisticated cyberattacks taking place, to have the ability to do a fairly comprehensive analysis on the threat space," NIST Senior Computer Scientist Ron Ross says.
With the Swiss bank offering new details about the severity of its trading scandal, industry experts share insights on risk management and the failure of systems and staff to detect unauthorized trades.
"We find a lot of security professionals saying, 'I'm just going to get another certification, or I'm going to get deeper into this technology skill,'" says researcher David Foote. "That's not going to get you very far."
A look at the impact of President Obama's $4 trillion plan to reduce the federal government's deficit over the next decade while creating jobs in the coming year on information security employment and spending.
Michigan CTO Dan Lohrmann will head a new operation to provide state agencies with a single organization charged with the oversight of risk management and security issues associated with state assets, property, systems and networks.
The shift to monthly reports of key metrics through CyberScope from annual FISMA filings allows security practitioners to make decisions using more information and more quickly than ever before, OMB Director Jacob Lew says.
The Intelligence and National Security Alliance President Ellen McCarthy used the revelation of the hack, uncovered late Wednesday, to highlight a major point of the study: How government can help industry protect its IT.