by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : October 2014
Trending of millennials do not know what a job in cybersecurity entails 63% 8 October 2014 FCW.COM The Department of Homeland Securi- ty’s newly enhanced authority to scan agency networks for serious computer viruses could significantly reduce the time it takes the government to nip the next Heartbleed in the bud, a senior DHS official said Oct. 7. The new authority, which the Office of Management and Bud- get announced Oct. 3, “re- duces that vulnerable win- dow where departments and agencies may not know that a vulnerability exists in their environment and we can provide that content...so they can fix it more quick- ly,” said Roberta “Bobbie” Stempfley, deputy assistant secre- tary for cybersecurity strategy and emergency communications in DHS’ National Protection and Programs Directorate. Previously, DHS needed permission before it could scan an agency’s net- works for vulnerabilities, a process officials have described as a tedious delay to the government’s response to cyber threats. Deputy Undersecre- tary for Cybersecurity and Communi- cations Phyllis Schneck, Stempfley’s colleague at NPPD, recently said the legal wrangling caused about a week of lagtime between the emergence of the Heartbleed OpenSSL vulnerability and DHS’ scanning of agency net- works for the bug. That cumbersome pro- cess, which Stempfley said was “not an operationally responsive model,” no lon- ger exists. And it apparently was not difficult to abolish. DHS worked with OMB and the CIO Council on the new guidance, “and we found that to be a very easy thing to change,” said Stempfley, who spoke at a conference hosted by the National Defense Indus- trial Association. — Sean Lyngaas DHS: New scanning authority will help stop next Heartbleed INK TANK Federal agencies aren’t taking the investigative or audit needs of inspec- tors general into account when enter- ing into deals with cloud service providers, according to a September report from the IG community. After reviewing 77 cloud contracts that were active in fiscal 2014 and rep- resent a total value of $1.6 billion, the Council of the Inspectors General on Integrity and Efficiency found that 34 contracts did not include requirements for data preservation, and 61 did not allow investigators unfettered access to cloud service providers’ systems for criminal probes and other purposes. Additionally, 54 contracts did not give IGs access to documentation, data- bases and facilities for inspections or investigations. IGs need such access to investigate possible malfeasance on the part of federal employees and abuse of fed- eral systems, and to audit security requirements for cloud systems under the Federal Information Security Man- agement Act. IGs want the Office of Management and Budget to take the lead on develop- ing a template for agencies to follow when they develop requirements for cloud projects and write contracts with cloud service providers. IGs also want to put some teeth in the Federal Risk and Authoriza- tion Management Program to ensure that agencies comply with cloud safe- guards established by OMB. The coun- cil’s report states that 59 federal cloud systems did not comply with FedRAMP security requirements despite a June 5 deadline. The council recommends an improved reporting process to ensure FedRAMP compliance. — Adam Mazmanian IGs seek access, consistency in cloud deals Roberta Stempfley
September 30, 2014
November and December 2014