Archive for December, 2015
White House hopes to trim $9B software spend
By Mark Rockwell
Tens of thousands of expensive and fragmented agency software purchases cost taxpayers $9 billion a year. Two top officials at the Office of Management and Budget say improved management can help save money, and they aim to staunch the flow of money with new plans to consolidate and streamline the way the government buys software.
In a Dec. 21 blog post, Federal CIO Tony Scott and Chief Acquisition Officer Anne Rung announced a proposal that “doubles down” on acquisition consolidation at federal agencies and builds on new requirements in the Federal IT Acquisition Reform Act. The proposed guidance is open for public comment through Jan. 20, 2016.
IBM to lead open-source semi-private blockchain for banking giants
From: The Stack
In March we reported that IBM was maintaining ‘informal discussions’ with the U.S. Federal Reserve whilst investigating the application of blockchain technology for financial services. Now that work has reached a new stage; the company has announced it will lead a crowd of coding giants in the development of a new blockchain financial transaction infrastructure called Open Ledger, for the benefit of major banking and financial institutions including Wells Fargo, JP Morgan and the London Stock Exchange.
The InfoSec Gender Divide: Practical Advice For Empowering Women
Barbara Johnson, Commentary
There is no one-size-fits-all approach for women to succeed in IT security. What you need is a roadmap and a little help from your friends.
While stigmas and stereotypes suggest the industry is not welcoming toward women, speaking from my own experience, I believe more women can become empowered women by researching IT security opportunities, developing security credentials and seizing security opportunities when they arise.
NY Attorney General Wants Public To Report Broadband Speeds
Posted by samzenpus from the getting-what-you-pay-for dept.
An anonymous reader writes: New York Attorney General Eric Schneiderman is investigating ISP speed and service claims. He’s asked consumers to help by testing their broadband speeds and reporting the findings. “New Yorkers should get the Internet speeds they pay for. Too many of us may be paying for one thing, and getting another,” Schneiderman said. “By conducting these tests, consumers can uncover whether they are receiving the Internet speeds they have paid for.”
EU set to agree new data privacy law with stiff penalties
By Julia Fioretti
BRUSSELS (Reuters) – A sweeping reform of fragmented laws governing the uses of personal data set to be agreed by the European Union on Tuesday will force companies to report privacy breaches to authorities or face stiff sanctions.
EU governments and members of the European Parliament are expected to agree the new data protection law, which would replace a patchwork of 28 different laws and give regulators greater enforcement powers.
Cyber sharing with industry improving, DOJ says
By Sean Lyngaas
Private-sector executives have sent a clear message to the Justice Department: The cyberthreat information the department shares must improve, said Sean Newell, a deputy chief in the department’s National Security Division.
As a result, officials are trying to send threat information to breach victims as an investigation progresses, Newell said Dec. 9 at an Atlantic Council event in Washington.
Nate Lesser: New project to establish cybersecurity standards, best practices
From: FederalNewsRadio.com 1500AM
By Tom Temin | @tteminWFED
Nate Lesser, Deputy Director, National Cybersecurity Center of Excellence
It’s one thing when cybersecurity hackers bring your system down. At least you can tell what’s going on. But what about when malicious people inside or outside alter or erase data quietly? It’s a major worry for business and government not knowing what they don’t know. That’s why the National Cybersecurity Center of Excellence has launched a project to establish standards and best practices for knowing about and responding to attacks on data integrity. For more on this project, Federal Drive with Tom Temin talked to Nate Lesser, the center’s deputy director.
Breached hotel chain settles with FTC in landmark case
From: The Hill
By Cory Bennett
The Federal Trade Commission on Wednesday settled a lawsuit with hotel chain Wyndham Worldwide that alleged the company’s poor data security exposed customer data to hackers.
The settlement is the final period in a court battle that spanned several years and threatened the FTC’s power to go after companies over their data security practices.
Book Review: Red Team by Micah Zenko
From: Council on Foreign Relations
By Adam Segal
As the details of the hacking of the U.S. Office of Personnel Management (OPM) became public in 2014 and 2015, the refrain from the press, Congress, and the general public was: how could this happen? How could hackers, probably from China, have stolen what one former official called, “crown jewels material … a gold mine for a foreign intelligence service”—the personal data of 18 million individuals, including the sensitive information on federal employees? After reading Red Team: How to Succeed by Thinking Like the Enemy, the excellent new book by my colleague Micah Zenko, you are likely to ask, why doesn’t it happen more often, and is there anything to be done to make sure it does not happen again?
Privacy expert Lorrie Cranor will replace Ashkan Soltani in January
From: IT World
Privacy issues will likely stay at the forefront of the FTC’s focus next year thanks to the commission’s appointment of Lorrie Cranor as its new chief technologist.
Cranor, who is currently a professor of computer science and engineering and public policy at Carnegie Mellon University, directs the CyLab Usable Privacy and Security Laboratory. She will succeed Ashkan Soltani, the privacy expert who assumed the role in November 2014, the U.S. Federal Trade Commission announced on Thursday.