Today 565

Yesterday 4488

All 44163286

Wednesday, 2.07.2025
Transforming Government since 2001

Sicherheit

  • USA: Audit sounds alarm over Minnesota government's online transactions

    An investigation has found serious security problems with a state Web site that allows Minnesotans to renew their license tabs online. A legislative auditor's report released on Tuesday concludes that hackers could get into the system and steal consumers' private data. State officials have shut down the Web site until the problems are fixed, and say they're not aware of any security breaches. Some legislators say that reassurance isn't good enough.

  • USA: Bericht: IT-Sicherheitsmängel im Ministerium für innere Sicherheit

    Computersysteme von Behörden, die dem Department of Homeland Security (DHS) angeschlossen sind, weisen oft Sicherheitsmängel auf. Das hat der Inspector General des Ministeriums in seinem Bericht festgestellt, der beispielsweise zur New York Times vorgedrungen ist. Anscheinend hätten die Transportation Security Administration, die Customs and Border Protection und die Küstenwache keine Backup-Systeme und folgten somit nicht den selbst gestellten und in der aufwändigen Werbekampagne "Get Ready Now" verbreiteten Ansprüchen.

  • USA: Bush administration proposes $7.3 billion for IT security

    President Bush's proposed budget for fiscal 2009 includes $7.3 billion for cybersecurity efforts -- a 9.8 percent increase from last year and a 73 percent increase from fiscal 2004.

    According to documents issued by the Office of Management and Budget, five agencies currently rate unsatisfactory in cybersecurity efforts, based on reports from inspectors general. The Defense Department is still undergoing an audit.

  • USA: Computer security not a telework hindrance, says advocacy group

    The security of the government's computer systems is not an impediment to expanding agencies' use of telework, says a report from a cybersecurity public policy advocacy group.

    The 12-page report urges agencies to allow employees to work from home using high-speed Internet connections and telephone lines.

  • USA: Cybersecurity challenges top concerns of federal CIOs

    The government’s chief information officers continue to be most concerned and challenged by cybersecurity demands.

    For the last eight years, IT security has topped the list of concerns among federal CIOs who were surveyed by the industry group TechAmerica, formerly called the Information Technology Association of America.

  • USA: Cybersecurity Regulations Pass House

    A House bill would create a federal cybersecurity director and add new cybersecurity requirements, but must be reconciled with the Senate bill, which doesn't have these provisions.

    The House of Representatives has passed a bill that would update the federal government's cybersecurity requirements and create a permanent cybersecurity office within the White House, putting some long-sought reforms closer to passage.

    The reforms were passed as an amendment offered by Rep. Jim Langevin (D-R.I.) and Dianne Watson (D-Calif.) that made its way into the annual defense spending bill, the National Defense Authorization Act for Fiscal Year 2011. The defense authorization bill passed the House on Friday by a 229-186 vote.

  • USA: Department of Homeland Security Rolls Out Cybersecurity Campaign

    The Department of Homeland Security has launched "Stop. Think. Connect." to encourage citizens and organizations to take responsibility for online safety.

    The Department of Homeland Security (DHS) is asking Americans to take responsibility for their own online safety and encourage others to do the same through a new cybersecurity awareness campaign.

    Called Stop. Think. Connect., the campaign is an extension of existing DHS efforts to work with the private sector on cybersecurity strategies, according to a White House blog post by the Obama administration's cybersecurity coordinator, Howard A. Schmidt, in unveiling the effort.

  • USA: Dept. of Homeland IT Insecurity

    The agency protecting the U.S. against threats gets an "F" when it comes to safeguarding its own IT systems. What's being done about it?

    You think you've got password woes? Folks who work for the U.S. Citizenship and Immigration Information Services have to remember as many as 17 passwords to get into their networks. One poor soul at the agency, part of the U.S. Dept. of Homeland Security, had to use four different passwords just to check e-mail, according to a recent report by the DHS Office of Inspector General.

  • USA: DHS site offers security tools, tips for software developers

    The Homeland Security Department has launched a secure portal to provide best practices, tools and other resources for creating more reliable and secure software for developers and security professionals.

    The new Web site, Build Security In, was developed in conjunction with the Carnegie Mellon Software Engineering Institute. It was unveiled at a software assurance forum this week co-hosted by DHS and the Defense Department.

  • USA: Evans: 'People are losing data'

    Between July and Sept. 30, agencies reported 338 separate security incidents involving personally identifiable information to the Office of Management and Budget, Karen Evans, OMB’s administrator for e-government and information technology, said today.

    Many of the incidents, however, are not attacks on government information from outsiders, Evans said in a speech at the IT Association of America’s annual Chief Information Security Officer Workshop in Falls Church, Va.

  • USA: Evans: Agencies are improving security profiles

    Agencies continue to make progress in securing their information systems, at least in terms of improving their collective FISMA scores, according to Karen Evans, the Office of Management and Budget’s administrator of e-government and IT. Evans was the keynote speaker at the ITAA 2006 Information Security Workshop today in Falls Church, Va.

    FISMA — the Federal Information Security Management Act — sets the standards and procedures agencies must observe in order to improve their security profiles. Each year, every department and independent agency is given a letter grade, based on their implementation of the elements of FISMA.

  • USA: Federal government earns a collective D+ on FISMA scorecard

    The federal government as a whole continues to struggle with securing its computer networks, according to the latest round of FISMA grades released today by the House Government Reform Committee.

    Agencies earned an overall D+ for their efforts, the same grade as last year. Ten agencies improved their marks while 8 slipped.

  • USA: Feds Again Flunk Network Security

    For the fourth consecutive year, a large percentage of federal agencies flunked their annual network security review under the Federal Information Security Management Act (FISMA), including the Department of Homeland of Security (DHS) and the Department of Defense (DOD).

    Out of 24 reporting agencies, 13 either scored an F or a D in the annual report card scores required under FISMA.

  • USA: Feds Again Score Low on IT Security

    Overall grade stays at D+; execs say complexity works against compliance

    A congressional committee last week released a report card giving the federal government an overall grade of D+ on computer security for the second year in a row -- a rating that prompted harsh words from some lawmakers but also sparked a debate over how useful the grading process is.

    At a hearing on Thursday, members of the House Committee on Government Reform lectured IT executives from the Pentagon and the U.S. Department of Homeland Security about the failing cybersecurity scores that the two agencies received as part of the panel's annual evaluation. "I don't feel comfortable that my homeland is secure," said Rep. Diane Watson (D-Calif.).

  • USA: Feds Look to Clear Hurdles in Private-Sector Cybersecurity

    The notion that the government needs to establish firm and far-reaching partnerships with the private sector has become a key focus of the debate currently raging over federal cybersecurity.

    Given that the private sector owns and operates between 80 percent and 90 percent of the nation's digital infrastructure, the military and civilian agencies realize that they can't go it alone in the face of ongoing and persistent threats from a multiplicity of attackers both at home and abroad.

    The catch phrase, a mainstay in nearly every blueprint for federal cybersecurity, is "public-private partnerships."

  • USA: Government Auditors Urge Clearer Cybersecurity R&D Strategy

    The government needs better leadership and more cohesive direction on cybersecurity R&D, according to a new report from the Government Accountability Office.

    The federal government needs to do more to come up with a comprehensive strategy for funding and carrying out research and development of new cybersecurity technologies, according to a new report by the Government Accountability Office.

    Cybersecurity R&D is currently a multi-headed set of initiatives within government. The report lists, in addition to the breadth of executive agencies, 14 different organizations involved in oversight and coordination of cybersecurity R&D, with various hands in a dizzying array of pots, and five agencies actually funding and conducting most of the government's cybersecurity R&D.

  • USA: Government Computers Still Exposed

    Agencies describe bug-patching problems that render systems vulnerable to cyberattack.

    Government agencies are spending billions on technology for homeland security, yet system vulnerabilities are increasing exponentially, agency representatives told a Congressional panel this week.

  • USA: Government IT security: Better than some, but could use work

    Security awareness is good among government workers, and security practices in government workplaces often are better than in their private-sector counterparts, according to a recent study by RSA Security.

    But there still is room for improvement, the survey found. Although 92 percent of government respondents had received security training, compared to 69 percent in the private sector, 34 percent of them reported that at times they felt they had to circumvent security policies to get their job done, a statistical dead heat with those in private enterprises.

  • USA: Government releases specs for security checklists

    The National Institute of Standards and Technology and the National Security Agency have released a specification to standardize IT security checklists.

    NIST and NSA collaborated with representatives from industry to develop the Extensible Configuration Checklist Description Format (XCCDF) as a way to provide a uniform format for security checklists, benchmarks and other configuration guidance.

  • USA: Government, Not Vendors, Must Lead In Securing Federal IT

    No doubt the IT security industry has a lot of knowledge to share with the federal government to help secure government IT systems and Web sites. With near-failure grades on IT security scorecards, the feds need the assistance.

    One approached died last week when the federal CIO Council withdrew its support from the CISO Exchange, a privately run group chaired ostensibly by senior government IT officials. The way the CISO Exchange worked, six companies willing to fork over $75,000 could join the Exchange’s exclusive advisory board comprised of leading federal CIOs and chief information security officers. Other vendors, with smaller contributions, would have had some, but more limited access to these officials. The arrangement smacked of pay to play, and the Exchange’s initial cheerleader in Congress, House Government Reform Committee chairman Tom Davis, vacated his earlier, enthusiastic endorsement.

Go to top