by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : September 15, 2014
September 15, 2014 FCW.COM 17 uct for monitoring privileged users in the cloud “provides a DVR-like record- ing, as if you’re on the person’s shoul- der watching the screen for everything that these privileged users are doing.” When system administrators change shifts, their mouse clicks and down- loads are distinguishable rather than invisible under a generic administra- tive login. Ammon said DHS, the Defense Department, intelligence agencies and other civilian agencies have each deployed at least 10,000 Xceedium platforms. John Pirc, chief technology officer at NSS Labs and a former cybersecu- rity researcher for the CIA, echoed Ammon’s advice of focusing on sys- tems administrators to thwart insider threats. But he also pointed to technol- ogy’s limitations. 14. Implement secure backup and recovery processes. 15. Develop a formalized insider threat program. 16. Establish a baseline of normal network device behavior. 17. Be especially vigilant regarding social media. 18. Close the doors to unauthorized data exfiltration. “I think we need to move to a model where if there’s a specific program, [then] whoever is a system admin is a system admin over that data, and everything is highly locked down on that individual’s workstation or lap- top,” he said. He added that the intelligence com- munity’s priorities for managing the information security factors of people, processes and operational workflow had been “extremely misaligned,” but Snowden’s leaks changed that. The dis- closures have focused officials’ minds on how improving peo- ple-to-people relation- ships can help the agency better safeguard informa- tion, Pirc said. DISA’s role in insider threats In May, DISA Director Lt. Gen. Ronnie Hawkins cited Snowden’s leaks and then-Pfc. Bradley Manning’s disclosures to WikiLeaks in 2010 in a speech underscoring the need for defense and intelligence agencies to move to the Joint Information Envi- ronment, an ambitious effort to devel- op a single enterprise IT platform for all of DOD. The rationale behind such data consolidation is that Snowden and Manning were enabled by the intelligence community’s widely dis- persed network of data. DOD is loath to give up the ability of its officials worldwide to access classified intelligence. So the govern- ment’s success in safeguarding classi- fied intelligence would seem to rest, in part, on its ability to implement JIE. Consolidating data would reduce the “attack surfaces” of DOD networks and allow security measures to be deployed simultaneously, according to DISA. JIE’s virtual cloud environment would also enable DOD and the intelli- gence agencies to ensure that even sto- len data would be encrypted, then-NSA Director Gen. Keith Alexander said in July 2013. When fully implemented, JIE will connect DOD’s consolidated data centers and networks on a secure cloud, and U.S. Cyber Command will have visibility into that cloud, then- DOD CIO Teri Takai told Foreign Pol- icy magazine in August 2013. Since becoming acting DOD CIO in May, Terry Halvorsen has on multiple occasions expressed his eagerness to see JIE in action while also emphasiz- ing that it is more of a concept than a program. His office is set to unveil a series of cloud-based pilot projects for JIE to help identify DOD’s acceptable level of risk for high-impact but unclassified data. The projects will help focus cloud efforts related to business systems and unclassi- fied information. Halvorsen was unavailable for an interview for this story. The intelli- gence community is also addressing insider threats holistically by develop- ing a set of best practices for prevent- ing them, with the help of the pub- lic/private Intelligence and National Security Alliance. The organization’s Cyber Insider Threat Task Force is set to release its recommendations in the coming months. Ammon said the result, although well intentioned, might be more aca- demic or theoretical than practical. It is therefore the responsibility of the “vendor community to align our solu- tions around what is an academic approach and provide more of a road map in which [agencies] can stair-step their way” to better security, he said. Vendors will want to stay involved in the intelligence community’s response to insider threats. Given human nature, it seems there will always be a market for their services. ■ The government’s success in safeguarding classified intelligence would seem to rest, in part, on its ability to implement JIE.
September 30, 2014
August 30, 2014