Coordinating Cybersecurity Programs

From: An Information Sharing Environment Bulletin

By: Kshemendra Paul, ISE Program Manager

Cyberattacks, resilience of critical infrastructure, and related cybersecurity concerns are escalating at exponential rates, and so are the many governmental programs attempting to mitigate the risks for all citizens as well as government and industry. As a wide range of threats expand, and cyberterrorists, cybercriminals and other nefarious actors transform their capabilities into new forms of attack, the demand for faster and more effective responses and ways of prevention grows as well. Cybersecurity programs are in place throughout many federal agencies, state/local organizations and consortia, and my office is prioritizing its efforts on cyber information sharing efforts that focus on the domestic nexus of national security and public safety.

OMB moves ahead with proposed ban of most new contracts for mobile devices, services

From: 1500AM

By Jason Miller

The Office of Management and Budget is planning to ban most new contracts for mobile devices and services, and wants to know what agencies and industry think about that.

As Federal News Radio first reported in January, OMB’s new draft mobile device and services policy will try to bring most contracts under a governmentwide vehicle run by the General Services Administration.

Agency IT managers welcome FedRAMP changes

From: FCW

By Mark Rockwell

“I’m excited about FedRAMP Ready,” NASA’s Roopangi Kadakia said, referring to the just-announced changes to the Federal Risk and Authorization Management Program.

Kadakia’s excitement — about plans to move away from the slow, documentation-driven current approach and put cloud services through a readiness capabilities assessment at the front end of the process — was shared by several other federal IT managers FCW asked about the new processes unveiled by the General Services Administration on March 28.

Could a Weak Link in the Chain Hamper Retailer Implementation of PCI DSS Version 3.2?

From: InfoSecurity

Business Development Manager at Barron McCann

The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide standard set up to help businesses process card payments securely and reduce card fraud through tight controls surrounding the storage, transmission and processing of cardholder data that businesses handle.

Due to the sensitivity of the data that is handled in this process, it’s seen as a high priority for retailers to adopt PCI DSS. If a retailer isn’t PCI DSS compliant and loses customer card data, they risk the possibility of incurring Card Scheme fines, and may also be liable for the fraud losses incurred against these cards and the operational costs associated with replacing the accounts.

How can improved data collection help end violence against women?

Editor’s Note: A reminder on the importance of data quality.

From: European Union – Press Release/Statement

To reduce violence against women, first we need to understand the scope of the phenomenon, and for that we need quality data. Reliable and comparable statistics help us to assess the effectiveness of policy measures and services in place, estimate the resources needed to tackle the issue and track progress over time. EIGE’s work on good practices has now identified examples of proven and effective methods on administrative data collection.