by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : March 30, 2016
CRITICAL READ WHAT: “The Ground Truth about Encryption and the Consequences of Extraordinary Access,” a white paper from the Chertoff Group. WHY: The Chertoff Group sides with Apple in a dispute with the FBI over whether to provide law enforcement agencies with spe- cial software to bypass security features in the iPhone. Apple executives have argued that developing software to unlock the phone of one of the San Ber- nardino, Calif., shooters would unleash a technological “cancer” that could affect tens of millions of customers. The Chertoff Group said it could not find evidence of a successful terrorist attack that would have been stopped by law enforcement’s use of decryption technologies, and social media has been a more effective inves- tigative tool than breaking into smartphones. Furthermore, mandating exceptional access threatens to hobble or outright damage inno- vation in the U.S. encryption and security technology markets, the Chertoff Group concluded. The paper also notes several cases in which damaging, long-term intrusions were perpetrated with the use of pilfered encryption keys. VERBATIM: “In the absence of any decisive demonstra- tion of need, our instinct is to permit the market of ideas and technological develop- ment to function without governmental interference.” FULL REPORT: is.gd/FCW_Chertoff Trending of federal IT workers surveyed by SolarWinds said the replacement of legacy software has reduced their cybersecurity risks 55% 10 March 30, 2016 FCW.COM Join the conversation FCW uses Twitter to break news, field questions and ask our own. Learn more at Twitter.com/FCWnow. 9:11AM-1Mar2016 GSA Great Lakes @GSAGreatLakes Reply Retweet Favorite We cleaned up at 2016 Federal Computer Week Fed 100 Awards — http://1.usa.gov/1WTsFSQ @FCWnow Even if the Office of Personnel Man- agement had had the latest version of the Department of Homeland Security’s multibillion-dollar Einstein firewall in place last year, it still would not have prevented the massive hack of OPM that compromised the data of some 22 million Americans. Phyllis Schneck, deputy undersecretary for cybersecu- rity and communications at DHS, read- ily admits this. Nonetheless, she said the intrusion- detection and prevention system for civilian agencies should be viewed as a foundation for a more sophisticated, data-driven cyber defense. She added that in the coming months, officials will pair Einstein 3A, the latest version of the firewall, with cyber intelligence to more quick- ly detect and thwart hackers like the OPM intruders. DHS is also testing a “reputation scoring” system by using cyberthreat information from the intelligence com- munity and the private sector to come up with a “credit score” for a cyber adversary, Schneck said. Einstein came under fire in the after- math of the OPM breach last summer, especially after it was revealed that hackers had access to OPM networks for 10 months before their malware signatures were plugged into Einstein. At the time of the breach, OPM had deployed the first and second versions of Einstein, according to DHS. Those systems provide only threat detec- tion and not blocking. OPM has since deployed Einstein 3A. A recent GAO report found that Einstein provides a “limited ability to detect potentially malicious activ- ity entering and exiting computer networks at federal agencies.” More- over, the program “does not monitor several types of network traffic, and its ‘signatures’ do not address threats that exploit many common security vulnerabilities and thus may be less effective.” Schneck described the report as well intentioned but based on out-of- date information. Any suggestion that Einstein wouldn’t pass muster in the private sector is misguided, she added. She defended the system by saying that Einstein picks up some threats a commercial firewall might miss and vice versa. “One system, one set of eyes watching the entire set of civil- ian agencies is invaluable,” Schneck said. — Sean Lyngaas DHS official: Einstein key to data-driven cyber defense 0330fcw_003-010.indd 10 3/9/16 9:33 AM
March 15, 2016
April 15, 2016