IfG.CC -
Institute for eGovernment

The IRS reports federal tax information (FTI) to a handful of Oregon state agencies, including the departments of Revenue, Employment, Justice and Human Services. Those agencies must comply with IRS’s daunting information security requirements, which are promulgated in the IRS’s 128-page Publication 1075, “Tax Information Security Guidelines for Federal, State and Local Agencies” (.pdf)

Cities, in collaboration with the private sector and technology providers, will be creating ecosystems of systems

According to a report released by the UN in 2018, more than half of the world’s population lives in an urban area or city. This number is expected to rise to almost 70 percent in the next 30 years. While people move to cities for a variety of reasons, we all have one expectation in common: that we will be safe.

Arizona State University’s North American Center for Transborder Studies (NACTS) conducted the report which identifies that securing the flow of people, goods and business between the two countries requires the integration and interconnectivity of vital communications technologies – a system of systems – among and between ports, check points, and law enforcement agencies along the border. The study also issued some key recommendations that can help to achieve that objective.

Soumya Das, the chief marketing officer for security provider SecureAuth, feels that government agencies should adjust their mobile security techniques to match society’s changing Web consumption habits. According to Das, network administrators shouldn’t focus so heavily on locking down mobile endpoints; they should focus on managing the central access control technology efficiently, which would make the mobile devices themselves less important.

Is security the next as-a-service offering you’ll be sending to the cloud?

As IT leaders have grown more comfortable with the security of software-as-a-service offerings and cloud storage, they also have started turning to cloud-based managed security services. For both commoditized basic services such as vulnerability testing and cloud security gateways to more sophisticated identity management and threat analysis, public-sector chief information security officers are growing more willing to consider managed security service providers (MSSPs).

Paradoxically fewer Americans were concerned about computer security than those in last year’s survey: 39 percent compared to 2011’s 48 percent. And 33 percent of this year’s respondents weren’t concerned at all about computer security.

“The latest results of our survey show that the American people recognize the impact that cyberattacks can have on our critical infrastructure and are looking to the U.S. government to take on a more active role in proactively defending our nation’s key assets,” said Steve Vinsik, Unisys’ vice president of enterprise security, in a company press release.

“Shared infrastructure is something that takes very careful consideration when you want to co-locate workloads that are owned by different folks and stakeholders within your own organization,” said Anil Karmel, who has helped the Energy Department build a secure, cloud services brokerage technology, YourCloud, to connect a diverse set of users to a marketplace of cloud service providers.

Das US-Heimatschutzministerium ist dem US-Rechnungshof zufolge nicht fähig, das Land vor Bedrohungen aus dem Internet zu schützen.

According to a report issued by the Government Accountability Office (GAO) today, a number of agencies fell short on recommendations for securing databases, remote access, and mobile devices. All of the agencies received a downgrade in their scores for e-government progress on the President's Management Agenda Scorecard

The Government Accountability Office reports that while every agency submitted a plan or documentation in lieu of a plan, only four of those 18 fully developed plans addressed all of OMB's criteria.

And no agency has updated their plans since 2004.

According to documents issued by the Office of Management and Budget, five agencies currently rate unsatisfactory in cybersecurity efforts, based on reports from inspectors general. The Defense Department is still undergoing an audit.

The 12-page report urges agencies to allow employees to work from home using high-speed Internet connections and telephone lines.

For the last eight years, IT security has topped the list of concerns among federal CIOs who were surveyed by the industry group TechAmerica, formerly called the Information Technology Association of America.

The House of Representatives has passed a bill that would update the federal government's cybersecurity requirements and create a permanent cybersecurity office within the White House, putting some long-sought reforms closer to passage.

The reforms were passed as an amendment offered by Rep. Jim Langevin (D-R.I.) and Dianne Watson (D-Calif.) that made its way into the annual defense spending bill, the National Defense Authorization Act for Fiscal Year 2011. The defense authorization bill passed the House on Friday by a 229-186 vote.

The Department of Homeland Security (DHS) is asking Americans to take responsibility for their own online safety and encourage others to do the same through a new cybersecurity awareness campaign.

Called Stop. Think. Connect., the campaign is an extension of existing DHS efforts to work with the private sector on cybersecurity strategies, according to a White House blog post by the Obama administration's cybersecurity coordinator, Howard A. Schmidt, in unveiling the effort.

The new Web site, Build Security In, was developed in conjunction with the Carnegie Mellon Software Engineering Institute. It was unveiled at a software assurance forum this week co-hosted by DHS and the Defense Department.