Archive for November, 2011

Guess the Size of Fed IT Security Workforce


Agencies Don’t Know How Many Cybersec Experts They Employ

Eric Chabrow, Executive Editor,

The lack of government-wide definitions for information security occupations means the agencies with the largest IT budgets don’t know how many cybersecurity experts they employ.

That’s one finding in a Government Accountability Office report released Tuesday that details how eight surveyed agencies have taken varied steps to implement workforce planning for IT security personnel. The report, entitled Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, also revealed:

Cyber security: Are stricter regulations the answer?

From: Government Security News

By: Torsten George

In October, the Securities and Exchange Commission (SEC) Division of Corporation Finance released a guidance document that outlines disclosure practices for public companies, in light of the most recent spike in cyber security attacks and associated data breaches.

The guidance document hints that companies have to pay more attention to assessing the impact of cyber security attacks and their outcomes, especially as it relates to weaknesses in the security posture and preventive measures of their organization.

Lax Policies Keep Cyber Security Issues at Forefront


by Prem Iyer, CISSP / PMP

In an earlier post, Preparing for the Fight, I discussed that most agencies are ill-prepared when it comes to protecting their assets against the latest cyber threats. This point was validated last month when the Government Accountability Office (GAO), as part of the Federal Information Security Management Act of 2002 (FISMA), reported that persistent weaknesses in information security controls, due to incomplete implementation of security programs, resulted in a very serious spike in incidents across agencies.

A new line of defense in cybersecurity, with help from the SEC

From: Washington Post

By Jay Rockefeller and Michael Chertoff

We have been in enough classified briefings over the years to know the details of the most significant threats to our national security and our way of life. One vulnerability in particular keeps us up at night: the state of our nation’s cybersecurity.

The directors of national intelligence under President George W. Bush and President Obama have called cyberattack the greatest long-term threat to our nation. Adm. Mike Mullen, the former chairman of the Joint Chiefs of Staff, has put it even more starkly, saying that cyberattacks pose one of only two existential threats to the United States. Russia’s nuclear weapons constitute the other — and amount to a threat that, Mullen says, is under control.

China Singled Out for Cyberspying

From: WSJ

U.S. Intelligence Report Labels Chinese ‘Most Active’ in Economic Espionage; Russia Also Named


WASHINGTON—The U.S. government accused the Chinese of being the world’s “most active and persistent” perpetrators of economic spying, an unusual move designed to spur stronger U.S. and international action to combat rampant industrial espionage threatening U.S. economic growth.

Russian intelligence agents also are conducting extensive spying to collect U.S. economic data and technology, according to a U.S. intelligence report released Thursday that concluded China and Russia are “the most aggressive collectors” of U.S. economic information and technology.