The Chenok era dawns at IBM center

Editor’s Note: FISMA Focus congratulates Mr. Chenok; we believe his leadership of the Center will benefit business and government stakeholders.

From: Federal Computer Week

By Michael Hardy

Dan Chenok will become executive director of the IBM Center for the Business of Government on July 1. He takes over from Jonathan Breul, who is retiring.

Chenok has been a senior fellow at the center since 2010, offering his expertise on government technology, acquisition and ways to improve management. He also leads the organization’s consulting services for public-sector technology strategy and is chairman of the federal government’s Information Security and Privacy Advisory Board.

GAO: Cyber Threats Facilitate Ability to Commit Economic Espionage

GAO testified before Congress (testimony attached below) on “(1) cyber threats facing the nation’s systems, (2) reported cyber incidents and their impacts, (3) security controls and other techniques available for reducing risk, and (4) the responsibilities of key federal entities in support of protecting IP [intellectual property].”

GAO testified that,

In summary, the ongoing efforts to steal U.S. companies’ intellectual property and other sensitive information are exacerbated by the ever-increasing prevalence and sophistication of cyber-threats facing the nation. Recently reported incidents show that such actions can have serious impact not only on individual businesses, but on private citizens and the economy as a whole.

IG finds unauthorized e-readers, thumb drives, GPS on Homeland Security networks

Editor’s Note: The OIG report, DHS Needs To Address Portable Device Security Risks, is attached below.

From: Nextgov

By Aliya Sternstein

Homeland Security Department employees are logging on to DHS networks with their unapproved Global Positioning System units, e-readers and other electronics and failing to regularly encrypt sensitive data on government-issued Android devices, according to the department’s inspector general.

The mobile federal workforce’s increasing dependence on commercial portable electronics, including tablets and Apple gadgets, may be compromising Homeland Security data, Frank W. Deffer, DHS assistant IG for information technology audits, concluded in an audit released this week.

DHS hones dynamic approach to securing agency computer networks

From: 1500AM

By Jason Miller

For more than a decade, the biggest criticism of the Federal Information Security Management Act is the static nature of how agencies reviewed their systems — on average every three years.

Congress has attempted to update FISMA for more than three years with requirements for agencies to take a new, dynamic approach to securing their systems, but its efforts have stalled. So the Obama administration slowly has been using policy and regulations to make the change to continuous monitoring.

Breach At U.S. Regulatory Agency Puts Employee Data At Risk

From: Dark Reading

Phishing attack at Commodity Futures Trading Commission fools employee into giving up account data

By Tim Wilson

The U.S. Commodity Futures Trading Commission, which governs the nation’s derivatives markets, has disclosed that it suffered a data breach in May, exposing the Social Security numbers and personal information of its employees.

According to a news report about the CFTC breach, an employee at the commission received a phishing email on May 21 and input information into a fraudulent website. A third party was then able to illegally enter the employee’s account, which had access to personnel information, according to a copy of an email sent to agency employees that described the incident.