Heute 120

Gestern 1472

Insgesamt 39726716

Freitag, 27.12.2024
Transforming Government since 2001

Datensicherheit

  • USA vervierfachen Budget für Computersicherheit

    Fünf-Jahres-Programm - Investitionen von über 900 Mio. Dollar

    Die USA wollen bis 2007 eine Summe von 903 Mio. Dollar in den Bereich der Computersicherheit investieren. Präsident George W. Bush hat bereits ein entsprechendes Gesetz unterzeichnet, innerhalb der kommenden fünf Jahre soll so das vorhandene Budget fast vervierfacht werden.

  • USA: Agencies Fall Short on Protecting User Data

    Many government agencies have failed to meet the guidelines for protecting personal information that were established two years ago after the breach at the Department of Veterans Affairs.

    According to a report issued by the Government Accountability Office (GAO) today, a number of agencies fell short on recommendations for securing databases, remote access, and mobile devices. All of the agencies received a downgrade in their scores for e-government progress on the President's Management Agenda Scorecard

  • USA: Cybersecurity standardization moves forward

    The Office of Management and Budget launched a task force on cybersecurity consolidation last week with the goal of increasing computer security and cutting costs.

    Tim Young, OMB's associate administrator for e-government and information technology, said at a conference in Falls Church, Va., Tuesday that the consolidation effort has strong support among agencies. He said that the question of whether agencies can share common processes associated with information technology security is meant to spark a dialogue in the IT security community.

  • USA: Electronic medical records at risk of beeing hacked, report warns

    The electronic health record systems that automate the digitized medical histories of U.S. patients are severely at risk of being hacked, a new report has claimed. A fix requires better collaboration between CIOs and vendors.

    The warning comes from the eHealth Vulnerability Reporting Program (eHVRP), a collaborative of health care industry practitioners and technology providers. It was formed last year to assess the security of the nation's electronic health records.

  • USA: Feds face numerous encryption schemes for securing e-mail

    Government agencies face a communications dilemma. On one hand, officials are asked to share more information with other agencies, businesses and citizens. On the other, they are under pressure to boost data protection.
  • USA: Government buys bulk encryption

    SmartBuy contracts could help many agencies afford better data security

    The General Services Administration’s SmartBuy award for securing stored data could provide more value to federal agencies than the potential savings expected from the governmentwide buy. The award, to be officially announced Monday, will provide standard encryption products for federal agencies and state and local governments, which could significantly improve government data security, security experts say.

  • USA: Government Cybersecurity Needs Funding

    Only 8 of 24 government agencies received A-minus scores or better in cybersecurity survey; funding issues blamed.

    The annual release of cybersecurity grades are helping to improve U.S. government security, but the law the grades are based on needs to be more specific, U.S. agency chief information security officers said in a survey.

  • USA: Government takes new tack to secure online transactions

    Establishing proof of identity to conduct business online today is a much different security challenge than it was in the mid-1990s.

    Back then, for example, the only way Treasury Department officials could entice financial institutions to place their orders for government securities online was to use digital certificates and an elaborate public-key infrastructure for securing the transactions.

  • USA: Hacking into e-health records is too easy, group says

    Hackers can access many e-health records and modify them unbeknownst to the software’s legitimate users, according to a new study by an organization concerned about EHR vulnerabilities.

    The E-Health Vulnerability Reporting Program (EHVRP), a nonprofit organization formed in 2006, issued a summary of its findings after a 15-month study assessing the security risks associated with EHR systems.

  • USA: Health IT standards panel publishes security and privacy standards

    The Healthcare Information Technology Standards Panel has issued a set of standards for keeping patients’ e-health records private and secure.

    The panel, which is sponsored by the Health and Human Services Department, aims to identify and harmonize existing information standards so that e-health records can be exchanged among institutions.

  • USA: Identity Self-Defense: The Power of PIV

    Identity protection is one of the most pressing topics within our society. Over the course of the last few years, we have seen numerous stories reported where information systems have been compromised and data has been lost potentially compromising the identity of millions. While we could debate the level of security required to properly protect any information system, I believe there is a more fundamental approach to addressing this critical issue. Identity self-defense.

    In the months following the September 11 attacks on New York and Washington D.C., it was determined the issue of identity verification needed to be addressed. Homeland Security Presidential Directive 12 (HSPD12) established the requirement to verify the identity of all federal employees and issue them a secure identity credential. This has resulted in the issuance of millions of Personal Identity Verification (PIV) credentials.

  • USA: IG: IRS not doing enough to safeguard taxpayers' privacy

    The Internal Revenue Service has not done enough to protect the privacy of more than 130 million taxpayers, according to a Treasury Department Inspector General's report released Oct. 3.

    The agency has conducted privacy impact assessments (PIAs) on less than half of its computer system and does not adequately monitor its own application of privacy laws, according to the report from the Treasury IG For Tax Administration.

  • USA: OMB, DHS outline data security best practices

    The Office of Management and Budget and the Homeland Security Department today explained 10 common mistakes agencies make when securing data and personal information and offered a host of best practices to correct each mistake.

    In a new paper, “Common Risks Impeding the Adequate Protection of Government Information,” OMB and DHS discuss common problems in areas such as training, contracting and records management.

  • USA: Sizing up coded message options

    Feds face numerous — and nuanced — encryption schemes for securing e-mail

    Government agencies face a communications dilemma. On one hand, officials are asked to share more information with other agencies, businesses and citizens. On the other, they are under pressure to boost data protection.

  • USA: State bolsters passport security

    The State Department has declared that electronic passports will be safe from identity thieves.

    The department has decided to adopt metallic shields and is seriously considering “basic access control” as a further means of preventing the skimming of personal data stored on a passport’s chip.

    One form of basic access control under consideration is to imprint data on a passport’s machine-readable zone. The data would exchange an algorithm with a reader at the border station, which in turn would unlock the chip embedded in the passport.

  • USA: VA Scandal: Feds Finally Seeking to Protect Americans' Personal Information

    The recent security breach at the Department of Veterans Affairs, in which personal data on millions of veterans were compromised, has created a firestorm of criticism from military families across the nation, especially since no one was notified that they were a victim of information theft.

    In addition to the VA data theft, a computer hacker was successful in stealing a file containing the names and Social Security numbers of more than 1,500 people working for the Energy Department's nuclear weapons agency.

  • USA: White House Report Shows Improvement In IT Security

    Government auditors certified and accredited 77% of the federal government's 8,623 IT systems after conducting risk assessments and security-control testing last fiscal year.

    Government auditors certified and accredited 77% of the federal government's 8,623 IT systems after undergoing risk assessments and security-control testing last fiscal year, up from 62% in fiscal year 2003, according to a White House report to Congress made public Friday.

  • USA: Wichita: Security key as health records go electronic

    A recent study shows that it's not hard to get into most medical computer systems, making local health officials even more mindful of privacy.

    As Wichita health care providers move toward paperless work environments, the security of private data is paramount to successful systems.

    Yet electronic health records are surprisingly easy to hack into and are vulnerable to exploitation, according to a study by the eHealth Vulnerability Reporting Program.

  • Weltweit dümmste Sicherheitsmaßnahmen ''geehrt''

    Am John-F.-Kennedy-Flughafen ist eine stillende Mutter zum unmittelbaren und kompletten Verzehr von nicht weniger als drei Flaschen ihrer eigenen Muttermilch genötigt worden -- im Dienste der Homeland Security, versteht sich. Diese und vier weitere "Sicherheitsmaßnahmen" sind nun mit den Stupid Security Awards ausgezeichnet worden. Eine internationale Jury unter der Obhut von Privacy International hat unter rund 5.000 Einsendungen die Preisträger ausgewählt.
  • Wir werden immer besser

    Pentagon will Netzwerke noch besser gegen Eindringlinge schützen; Iraks Glasfasernetze sind im Kriegsfall nicht mit Infowar-Mitteln lahmzulegen

    Wie der für Aufklärung bei der US-Armee zuständige Generalleutnant Robert Noonan auf der jährlichen Tagung von Old Crows über "Combating Terrorism: What's changing in Electronic Warfare and Information Operations" erklärte, wurden die mit dem Internet verbundenen Netzwerke des Pentagon im letzten Jahr 14.500 Mal angegriffen. Bei 70 Versuchen soll es den Angreifern gelungen sein, auch in das Netz einzudringen, Schaden hätten aber nur drei Vorfälle angerichtet.

Zum Seitenanfang