"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
Key U.S. IT networks remain vulnerable to attack, undermining confidence in the nation's IT systems and the information collection and sharing process, Homeland Security Deputy Undersecretary Philip Reitinger and other officials say.
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Iowa CISO Jeff Franklin explains how collecting real-time information helps the state information security office transition its focus from technology to risk management.
"Today's risk management professionals really need to take a strategic view of managing risk to be relevant in achieving the organization's expected outcome," says Philip Alexander of Wells Fargo Bank.
Speculation about the pending update to online authentication guidance has been circulating around water coolers for months now. "A [disclosure] like this could make it more challenging for the regulators," says attorney David Navetta.
The co-chair of the Commission on Cybersecurity for the 44th President praises the Obama administration's commitment to IT security, but says the administration has much more work to do to develop a comprehensive strategy to combat cyber threats.
Describing it as the capstone publication of a partnership with the defense and intelligence communities, NIST publishes new guidance on managing security risk associated with the operation and use of IT systems.
State chief information officers are asking their bosses - the nation's governors - to pay more attention to IT security, according to a call for action from the National Association of State CIOs.
A team headed by Senior Computer Scientist Ron Ross will update one of NIST's premier risk management publications - SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations.
Though the E-Government Act assigns primary responsibility for IT security to agency CIOs, the Cybersecurity and Internet Freedom Act, introduced last week in the Senate, delineates responsibilities for CISOs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.