by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : September 15, 2014
September 15, 2014 FCW.COM 15 It is no secret that the U.S. gov- ernment is desperate to prevent another large-scale leak of clas- sified information like the one carried out by Edward Snowden last year. And the role technology is playing in this pursuit could have long-term consequences for federal agencies’ relationships with their employees. Experts say developments such as more sophisticated employee key cards and the segmentation of login privileges for systems administrators could play important roles in safe- guarding government information. The efforts do not involve whiz-bang technology but rather prioritizing and developing existing tools to cope with a basic government need: to commu- nicate securely on internal networks. As is the case for most policy chal- lenges, there is no technological pana- cea for insider threats. If there were, reports of another government leaker of classified information would not have emerged in recent weeks. But as technologies mature and agencies learn which practices are most effec- tive, the security equation is changing. The National Security Agency has acknowledged that Snowden’s disclosures altered its approach to insider threats. The agency recently accelerated pre-existing measures to counter insider threats, such as the use of centrally managed thin clients, and has imposed two-person controls on systems administrators, a position Snowden held. John DeLong, NSA’s director of compliance, said at a security con- ference in August that the policy and technology changes seek to “make sure people are set up for success, so that rules are consumable, trainable, testable; that machines can incorpo- rate them directly into people’s work- flows; that we have spot checks, etc.” An NSA spokesman declined inter- view requests for this story. But one needn’t divine what the spy agency is up to for a look into the future of insider-threat detection. The topic is so broad and the U.S. government has such a vast canvas of networks that efforts to thwart insider threats inevi- tably vary by agency and differ in clas- sified and unclassified environments. Insider threats speak to basic issues of trust and have been around far longer than the processing chip. “It’s true at the NSA and it’s true at McDonald’s,” security technologist Bruce Schneier said. “Organizations have to put people in positions of trust; otherwise, the organization doesn’t function.” In other words, as long as federal agencies are staffed by humans and not machines, insider threats will remain a challenge. Starting with physical access Taken broadly, the term “insider threat” encompasses both digital and physical threats to government infrastructure and employees. The violent attacks by military personnel at Fort Hood in 2009 and 2014 and by a contractor at the Washington Navy Yard in 2013 have driven home the need to secure access to military facilities. And some of the potential solutions are digital. For example, Ken Ammon, chief strategy officer at network security software company Xceedium, said there is more to the Defense Depart- ment’s Common Access Card than meets the eye. A recent pilot proj- ect at a limited number of military bases triggered an instant background check when a CAC was swiped, which resulted in a number of con- victed felons being prevented from entering the base, he said. “That’s an example of a simple use case that’s available to today’s IT systems that dramatically can reduce your risk [and] certainly begin the process of managing the risk of who you treat as an insider,” he added. Moving to CDM Preventing convicted criminals from entering a facility is one thing, but detecting anomalous downloads and keystrokes from vetted employees and contractors is much more dif- ficult. After all, Snowden had no criminal history when he stole an estimated 1.5 million documents, many of them classified, as an NSA contractor. Moreover, the addition of technol- ogies such as cloud computing and personal mobile devices have mostly erased any “clean line between insid- ers and outsiders,” said Ammon, a for- mer Air Force intelligence officer and liaison to NSA. Government officials have respond- ed to the additional security vulner- abilities by instituting a Continuous Diagnostics and Mitigation (CDM) program overseen by the Depart- ment of Homeland Security. In that risk-based approach to cybersecurity, sensors detect weaknesses on agency networks, prioritize them based on potential impact and alert administra- tors via a dashboard. DHS has launched the next phase of CDM through an approach called criti- cal application resilience. It tackles a layer of vulnerabilities inherent in soft- ware code and other add-ons to agency networks. That greater level of visibil- ity into networks could help agencies The topic is so broad and the U.S. government has such a vast canvas of networks that efforts to thwart insider threats inevitably vary by agency and differ in classified and unclassified environments.
September 30, 2014
August 30, 2014