by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : April 30, 2015
The federal government is showing mixed results on its goal of imple- menting policy to reduce data leaks and other risks posed by govern- ment insiders and contractors hold- ing security clearances, according to the most recent updates posted on Performance.gov. The leaks from former National Security Agency contractor Edward Snowden and the Navy Yard shooting drew attention to efforts to improve and automate processes by which clearances are granted and how access to classified information and networks is monitored. A big piece of the effort is develop- ing systems for continuously evaluat- ing the activities and risks posed by the population of 5.1 million Ameri- cans with access to classified informa- tion and working on IT strategies to support acquisition and development. According to the latest update on Performance.gov, the Office of the Director of National Intelligence missed a December 2014 goal to roll out an initial continuous evaluation capability for individuals with the most sensitive clearances. A goal to develop an enterprise IT strategy for Piecing together the insider threat puzzle is the reported investment IBM is making in an Internet ofThings business unit $3B Trending security, suitability and credential- ing by the end of last year was also missed. There are bureaucratic and practi- cal obstacles. To cite just one exam- ple, the process to add mental health questions to the information collected on standard personnel security and suitability forms is taking longer than planned. But it’s clear that the over- all objective of preventing leaks and sabotage is a high priority for insti- tutions that collect and guard secret information. The Defense Department issued a directive establishing an insider threat program in September 2014, and DOD reports that it is on track to have a continuous evaluation capa- bility extended to 225,000 personnel by December. As it stands, the government is scheduled to deploy an initial govern- mentwide insider threat program by the end of the year, with final operat- ing capacity achieved by the end of 2016. The ultimate goal, which is partially complete, is to have regular — ideally electronic — access to insider threat data from a range of sources, includ- ing counterintelligence, law enforce- ment, human resources departments and IT access logs. However, designing an insider threat program involves more than developing rules-based monitoring and flipping a switch. And there are risks to relying on automation to fer- ret out insider threats. “The unintended consequence that I often worry about as we add more and more technological measures for mon- itoring data and data access is that people will start to think it’s not their job anymore to stop anomalies,” said Neal Ziring, technical director at NSA’s Information Assurance Directorate. There is also the risk of tuning threat detection to be overly sensi- tive to single anomalies. Ziring said that like any intelligence work, insider threat detection requires a mosaic approach, where data is cor- roborated and fused to shape a larg- er picture that takes into account employee activities on IT networks and around classified information, financial pressures or sudden unex- plained changes in income, among other factors. — Adam Mazmanian FCW CALENDAR Innovation ACT-IAC’s annual Management of Change conference will dig into continuous delivery, workforce development and the Internet of Things. Cambridge, Md. is.gd/FCW_MOC2015 Commerce IT Washington Technology presents an industry day to explore fiscal 2016 priorities at the Commerce Department’s key component agencies. Tysons, Va. is.gd/FCW_commerceIT 5/17-19 5/13 April 30, 2015 FCW.COM 3 NOMINATIONS NOW OPEN Nominations for the 2015 Rising Star awards are now being accepted. Learn more at fcw.com/2015risingstars. 0430fcw_003-011.indd 3 4/8/15 2:23 PM
April 15, 2015
May 15, 2015