by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : December 2012
December 2012 FCW.COM 25 DEDICATED EFFORTS TO BOOST CYBERSECURITY 3. rsecurity At the national level, cybersecurity is no longer spoken of in vague terms, Rhodes said. "Now, we have a presi- dent who talks about how cyberattack is an act of war, " he said, referring to Presidential Policy Directive 20, a classi- ed document that outlines U.S. military protocol and procedures for thwarting cyberattacks from other nations. "This goes beyond just cyber defense and protecting networks, " Barnett said. "We're not going to stand in the corner with boxing gloves covering our faces. We're going to take a swing if anyone is trying to harm our national interests in cyberspace. " 2012 was also the year agencies stepped up efforts to harden their sys- tems despite tighter budgets, Tipton said. "They're recognizing that even though money is hard to come by, cybersecurity is certainly not an area where you can afford to scally con- strain, " he said. "We always worry about someone breaking in, but with the telecommuni- cations supply chain threats, the threat is built into your system --- your hardware, middleware, software, " Barnett said. "I don't think anyone in the government has the authority to do anything about the telecommunications supply chain. This is a major problem. " Another problem is that cybersecu- rity education needs to start early, and "we need to appreciate that this is not something we can continue to go after and hire more super, highly technical people in the IT world and expect them to solve our problems, " Tipton said. "As badly as we need people like that, we need broader skills just as much, if not more so. " In 2013 there will be a sharper focus on taking action, Barnett said. "We've got to move to the question of what is the most effective way for us to ensure cybersecurity, and then do just that, " he added. "We've got to do something about it. " That will not be easy, and the rise of social media and mobile devices adds to the challenges. "It's always going to become more complex, " Rhodes said. "It's just now with the ubiquity of the wireless environment and everyone walking around with their entire com- puting world in their hand --- tablet or midsize or small mobile device --- it just complicates things a lot more. " Still, there has been progress. "I think it's a year of realization that this is a very complex and serious task, and agen- cies have taken steps to bring into order some of the things that have been out of order, " Pattinson said. A timeline of cybersecurity events in 2012 MARCH: A data breach at EPA affects 5,100 employees and 2,700 other people whose addresses, Social Security numbers and bank- routing information were in the agency s database. DHS issues alerts warning of a cyber intrusion cam- paign against U.S. gas pipelines. MAY: Anonymous obtains 1.7G of sensitive data from the Bureau of Justice Statistics and posts it on The Pirate Bay le-sharing site. JUNE: Hackers steal user names, passwords, e-mail IDs, and security questions and answers for all users of the Navy s Smart Web Move site and DHS Transportation Worker Identi cation Credential website. U.S. aerospace industry experts attending the 2013 IEEE Aerospace Conference are targeted by a phish- ing campaign. JULY: NSA Director Gen. Keith Alexander says there was a 17-fold increase in cyberattacks against U.S. critical infrastructure from 2009 to 2011. SEPTEMBER: Anonymous claims to have hacked an FBI database containing 1 million Apple user IDs. FBI of cials deny the breach, and a private rm eventually admits to being the source of the stolen data. OCTOBER: Defense Secretary Leon Panetta outlines a new cybersecu- rity policy in a speech to Business Executives for National Security. An unencrypted NASA laptop is stolen from an employee s vehicle, expos- ing personally identi able informa- tion on 10,000 employees. NOVEMBER: The Senate s nal attempt to bring a cybersecurity bill to a vote fails on the rst day of Con- gress lame-duck session, effectively killing the legislation for 2012. DECEMBER: The latest version of a draft executive order on cybersecu- rity is circulated to relevant agencies for comment. Sources: Center for Strategic and International Studies, DarkReading.com, FCW reporting Communications Commission's Public Safety and Homeland Security Bureau. What is also different from previous years is the recognition from senior gov- ernment leaders that the cyber threat is real, and digital assets, infrastructure and information must be protected, Rhodes said. "It's very hard to argue a secure pos- ture if there isn't recognition at the top of the pyramid that the threat is real and that we are under attack, " he said.
November 30, 2012