Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Nearly 8 of 10 hard drives tested contained tax returns, Social Security numbers, names of children placed in foster homes, passwords and child abuse documentation, an audit by New Jersey authorities reveals.
The overall goal of the guidance is to achieve appropriate security assurance for multiple applications by efficiently verifying the claimed identity of individuals seeking physical access to federally controlled government facilities and electronic access to government information systems.
Describing it as the capstone publication of a partnership with the defense and intelligence communities, NIST publishes new guidance on managing security risk associated with the operation and use of IT systems.
NIST updates its national checklist program for IT products, tech specs for SCAP and guide to using vulnerability naming schemes as well as providing a status report on its cryptographic hash algorithm competition.
Homeland Security's U.S. Citizenship and Immigration Services IT systems are vulnerable to insider threats, according to a report by the Insider Threat Center at CERT, part of the Software Engineering Institute at Carnegie Mellon University.
Though the E-Government Act assigns primary responsibility for IT security to agency CIOs, the Cybersecurity and Internet Freedom Act, introduced last week in the Senate, delineates responsibilities for CISOs.
Known as the Cloud First policy, Federal CIO Vivek Kundra has outlined a new policy in which one-quarter of the $80 billion the federal government spends on information technology would employ cloud computing solutions.
Homeland Security Secretary Janet Napolitano says the government will fully deploy the Einstein 2 threat detection system by year's end and will begin implementing in 2011 Einstein 3, with the aim to automatically detect and disrupt malicious cyber activity.
Cybersecurity isn't a problem like air defense, where you would look to the government alone to provide the solution, Defense Deputy Secretary William Lynn III says. Cyberdefense must include nongovernment entities, too.
Defense Deputy Secretary William Lynn III meets with NATO Secretary General Anders Fogh Rasmussen, but works most closely with Ambassador GÃ¡bor IklÃ³dy of Hungary, the alliance's assistant secretary general for emerging security challenges
The European Union issues a paper on how governments and healthcare organizations should approach deploying secure cloud computing advice that could be applicable to governments and hospitals in the United States.