DHS kicks off $6B cyber program, the death of the cloud has been greatly exaggerated and more

August 26, 2013

Here are the top cyber news and stories of the day.

  • Internal Pentagon presentation details civilian workforce cuts – “The Pentagon is considering dismissing more than 5,000 civilian workers if sequestration continues into the coming fiscal year–which begins Oct. 1–according to internal documents obtained by Bloomberg.” The Pentagon is looking at a possible 10% cut from its budget request and is planning for a $475B budget instead of the $526.6B requested. Via FedScoop, more here.
  • Millions of Android users vulnerable to security threats, say feds – “Amid ongoing U.S. government mass surveillance claims, the DHS and FBI are more aware than ever of its use of the Android platform, and the vulnerabilities that go with it.” Most of the vulnerabilities reported in Android devices require user cooperation, but that does not mean you cannot be hurt. Drive-by malware is still possible, though it is rare. All users need to attend to security, but the most at risk are those still operating Froyo or Gingerbread devices. Via ZDNet, more here.
  • The death of the cloud has been greatly exaggerated – Many analysts believe that PRISM could scare people away from using cloud services. However, Theo Priestley of Software AG wrote over at GigaOM that these predictions are overwrought and over-reported. He does believe that many US services will be shunned by foreign buyers, but the impact of that lost income will be hard to calculate. He has included 5 key considerations for cloud security, so check them out. Via GigaOM, more here.
  • Army network modernization efforts don’t capitalize on testing, says GAO – “In an effort to modernize its tactical network, the Army uses network integration evaluations to test network components together in combined events before acquisition. However, the service doesn’t always use the information it gathers from the process, finds the Government Accountability Office in an Aug. 22 report.” The Army is about to field four new programs, but none of them actually tested well. These are key communications programs: “Warfighter Information Network-Tactical Increment 2, Joint Tactical Radio System Manpack Radio, Joint Tactical Radio System Rifleman Radio, and Nett Warrior[.]” Via FierceGovernmentIT, more here.
  • U-Michigan engineers study malware in hospitals – “Two University of Michigan engineers are part of a national team that is using a $10 million federal grant to protect medical devices and hospital computer systems from viruses and other malware.” This is a key piece of the electronic healthcare process. Without secure systems, our healthcare networks are greatly at risk. Via WUSA9, more here.
  • DHS kicks off $6B cyber program – “DHS has committed $185 million this year to fund the initial roll out of monitoring tools capable of firing billions of automatic security inspections across civilian networks every 24 to 72 hours. DHS has additional funding budgeted for at least the next two years, pending congressional approval.” Some of these tools are automated, intended to make security testing simple and the results easy to read. DHS is attempting to standardize protections across agencies; however, this will be a tough task for them to accomplish. Real-time threat management is part of the intent as well, and time will tell how effective the program is. Via Federal Times, more here.
  • NIST proposes supply chain control overlay – “A new proposed cybersecurity control overlay from the National Institute of Standards and Technology for federal agency supply chain risk management would add a new family of controls that would at minimum require tracking systems or components as they wind their way through the supply chain.” The draft document proposes some provenance controls, including a “system or component origination policy and tracking procedure.” Via FierceGovernmentIT, more here.