Configuration management deficiencies put EPA at risk

Administrators for the Environmental Protection Agency’s networks must focus on improving its configuration management program, according to a report from the agency’s inspector general.

Education Department OIG uncovers IT vulnerabilities

The information technology systems at the Education Department are vulnerable to attacks, according to a report this month from the agency’s inspector general.

Draft guidance aims to safeguard federal data stored by contractors

Two agencies that oversee government data released a draft recommendation that aims to protect sensitive federal information stored on the computers of contractors.

NRC struggles with continuous monitoring, recurring security weaknesses

The Nuclear Regulatory Commission is failing to perform required continuous monitoring measures and update other security weaknesses it’s known about for years, a new report from NRC’s Office of the Inspector General found.

What feds need to know about Regin malware

Cybersecurity professionals should play closer attention to Web browsing, email services and Windows domain controllers in the wake of Regin, a highly sophisticated malware application.

Commentary: Cyber threats demand executive not just IT skills

Governmental and private sector organizations must rethink their responses to cyber incidents and data breaches, and treat them as a strategic management imperatives, not just a forensics and mitigation project.

Postal Service hack raises new security questions

The Postal Service is still scrambling to process a system breach from two months ago that put the personal information of 800,000 employees at risk, an agency executive told lawmakers Wednesday.

Reporter’s notebook: VA CIO strikes back

The 168 words that Stephen Warren added to his opening remarks just an hour before testifying on Capitol Hill Monday may have only lasted 58 seconds but they succeeded in putting the beleaguered chief information officer of the Department of Veterans Affairs back in control of his relationship with congress.

Patent office holds first cybersecurity partnership meeting

The U.S. patent office held its first cybersecurity partnership meeting with members of the tech community Friday.

Foreign hackers may still have access to VA networks, IG says

The Department of Veterans Affairs is still “actively monitoring” VA networks for traces of foreign hackers that successfully infiltrated its computer systems in 2010, and officials acknowledge that some of those groups may still have access to VA systems through unauthorized user accounts.

VA readies scheduling RFP amid onslaught of security challenges

The Department of Veterans Affairs plans to release the long-awaited request for proposals next week.

USPS cyber breach: Agency halts teleworking, union files charges with NLRB

Employees of the United States Postal Service started their Monday with news that their personally identifiable information, including their social security numbers, had been potentially compromised in a cyber intrusion to the agency’s network, but now the agency has announced additional efforts in response to the breach and one employee union is on the offensive.

Employee data potentially compromised in USPS systems breach

Postmaster General Patrick Donahoe said personal information for any current postal employee and any employee who left the agency sometime after May 2012 could be at risk. The network intruder also may have accessed information about customers who contacted the Postal Service call center this year between Jan. 1 and Aug. 16.

Inside the Halvorsen strategy for DOD information sharing

Terry Halvorsen, the Defense Department’s acting chief information officer, wasn’t happy with the Pentagon’s original cloud policy. The department just wasn’t moving fast enough. So Halvorsen has crafted a new strategy that will not only get the military to the cloud faster, but will also improve information sharing and security and save a whole lot of money in the process.

The ‘Triple-A’ approach to improving cybersecurity

A new survey from Ernst & Young found that organizations across a wide swath of industries are still dragging their heels when it comes to preparing for cyber attacks.

What does the White House network breach mean for cybersecurity reform?

As Congress prepares to come back after this week’s elections, Sen. Tom Coburn, R-Okla., suggested that the recent White House network breach should inspire a call to action to address some of the cybersecurity legislation pending on Capitol Hill, including the Federal Information Security Modernization Act of 2014.

Is the post-Snowden cloud apocalypse real?

Many predicted Europe would abandon U.S.-based cloud providers in the aftermath of last year’s NSA leaks that revealed a massive Internet surveillance program that tapped into the servers of some of America’s biggest Internet companies. So why are U.S. cloud providers still making money and expanding in Europe?

Former Defense Secretary Robert Gates offers sober critique of U.S. cybersecurity posture

Former Secretary of Defense Robert Gates unleashed a scathing assessment Thursday of the U.S. government’s handling of national cybersecurity policy, blaming bureaucratic turf battles and a dysfunctional Congress for the lack of progress on information sharing and critical infrastructure protection.

Rogers downplays NSA moonlighting controversy

The NSA has a new public relations crisis on its hands — senior officials moonlighting for cybersecurity companies and even signals intelligence contractors. But is this trend related to the new NSA director’s desire to “create a more permeable membrane” between the agency and the private sector?

Todd Park subpoenaed again to testify on

House Science Committee Republicans want the former federal chief technology officer to answer questions about his role in the launch of

Page 1 of 381 2 3 4 38