by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : July 15, 2013
July 15, 2013 FCW.COM 23 particularly among organizations seek- ing to boost the sophistication of their existing virtualization deployments. In that vein, SDN provides a step on the path toward the software-de ned data center, he added. Mobile tech development Mobile app development activities tend to be dispersed throughout an organization, creating the potential for redundancy, inconsistent look and feel, and uneven quality. The com- ing months, however, will likely see greater coordination of mobile soft- ware creation. Some agencies have already taken steps in that direction. The Depart- ment of Veterans Affairs is establish- ing a governing board that will serve as a single, VA-wide source of guidance on mobile development. The board is being set up primarily at VA s Veter- ans Health Administration, with the participation of the Veterans Bene ts Administration and the National Cem- etery Administration. Dave Peters, an assistant deputy CIO at VA, said the board functions infor- mally for now but is on track for formal approval in the next month or so. He said it will serve as a single point of intake for projects and will review proposals for potential projects. In addition, it will de ne mobile devel- opment policies that do not fall within the purview of other parts of the orga- nization, such as information security. "Anyone can submit an idea, and the intent is for the board to decide whether the idea is a good one and whether or not development should proceed," Peters said. In 2014, the board might take on additional tasks. For instance, it could play a role in promoting a uniform app style, and Peters said it would be ideal for the board to tackle establishing a consistent look and feel across apps. Tim Hoechst, chief technology of - cer at Agilex, an IT solutions provid- er with an enterprise mobility focus, said more agencies are recognizing the need to have formality in mobile development. "The development of the app is as distributed as the running of apps in a mobile environment," he said. "The IT department is saying, How do we do this in an orchestrated way? " Hoechst said agencies can take a number of steps to provide that orches- tration. Those measures include con- sistent access to enterprise data via secure services, app-building tem- plates to ensure consistent aesthetics and usability, and automated tools for activities such as unit and integration testing. Development approaches such as agile and DevOps can also boost an organization s mobile app maturity. IT security The next seven months will see the unfolding of a cybersecurity frame- work that will identify security stan- dards and guidelines that will span a range of critical infrastructure sectors, such as energy and transportation. The National Institute of Standards and Technology is spearheading the effort. The framework s details will emerge out of a series of workshops in the next few months. A preliminary framework is slated for publication in October, with the final product expected by February 2014. The project and time- line stem from Executive Order 13636, which sets policies for protecting criti- cal infrastructure from cyberattacks. "It is a Herculean effort NIST is engaging in here," said Rick Comeau, executive director of the Security Benchmarks division at the Center for Internet Security. Comeau cited the framework s need to account for differences in how criti- cal infrastructure sectors operate while also addressing the regulatory compli- ance demands each sector faces. "We are asking for a framework that represents a great diversity of critical infrastructure sectors," said NIST Director Patrick Gallagher at a cybersecurity framework workshop in May. He added that companies ranging from small utilities to large multina- tionals will need to implement the framework, and he hopes the gov- ernment will also take full advantage of it. NIST plans to incorporate existing security standards into the framework rather than invent new ones. Comeau said the SANS Institute s 20 Critical Security Controls for Effective Cyber Defense could help shape NIST s ini- tiative. He also cited the IEC 62443 standard for industrial automation and control systems as potentially playing a role in the framework. Rahul Kashyap, chief security archi- tect at Bromium, a developer of soft- ware solutions for endpoint security, said the scope of critical infrastructure extends beyond government and indus- try to anyone who uses an Internet- connected device to access sensitive information. "It s been proven many a time that adversaries have in ltrated into sensi- tive environments by breaching human trust and attacking underlying vulner- abilities in the applications people use," Kashyap said. ■ "ADVERSARIES HAVE INFILTRATED INTO SENSITIVE ENVIRONMENTS BY BREACHING HUMAN TRUST AND ATTACKING UNDERLYING VULNERABILITIES."
June 30, 2013
July 30, 2013