by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : December 2013
The Department of Homeland Security has completed its transition to a new tool for managing risk across its mul- titude of network operations. Telos Xacta IA Manager will help DHS ensure enterprisewide compli- ance with information assurance policies. Of cials will use the tool to moni- tor access, plans of action and mile- stones, control assessments and ongo- ing authorizations. "We have implemented common controls across the entire enterprise," said Richard Johnson, DHS branch chief for technology implementation. The framework covers all 22 of DHS component agencies. Of cials were drawn to the Telos tool because of its continuous moni- toring capabilities, which include the ability to identify and measure the security implications of planned and unscheduled changes to hardware and software, and the ability to weigh potential cyber threats, Johnson said. In addition, the system allows secu- rity scans to be linked to controls. Pre- viously, that information might have been sent back to a database and not acted on immediately. Johnson said Xacta will provide DHS with a portal for adopting the workflow and controls associated with the Federal Risk and Authoriza- tion Management Program, which is intended to save time and money for agencies moving data to cloud-based systems by eliminating the security testing step. FedRAMP was designed to make the assessment process more ef cient by providing a "do once, use many times" framework for cloud-based services. --- Mark Rockwell DHS puts risk management system in place TANK As the federal government works to foster an environment that ties iden- tities to a central, reliable source to defend against tampering, cyber crimi- nals are developing new ways to get around the digital signature applica- tions that protect users of smartphones and personal computers. According to McAfee Labs Threats Report for the third quarter of 2013, a new family of mobile phone malware allows attackers to bypass the digital signature apps on Android devices. Those new threats contributed to a 30 percent increase in Android-based malware during that period. "The efforts to bypass code valida- tion on mobile devices and comman- deer it altogether on PCs...represent attempts to circumvent trust mecha- nisms upon which our digital eco- systems rely," said Vincent Weafer, senior vice president of McAfee Labs, in a statement. "The industry must work harder to ensure the integrity of these technologies given [that] they are becoming more pervasive in every aspect of our daily lives." At the federal level, the National Institute of Standards and Technology is spearheading the Obama adminis- tration s National Strategy for Trust- ed Identities in Cyberspace, which seeks to improve the privacy, securi- ty and convenience of sensitive online transactions through the creation of an "identity ecosystem." NIST and NSTIC identity management experts say government credentials that trans- late across agencies are essential to such a system. As part of that effort, the U.S. Postal Service launched the Federal Cloud Credential Exchange to allow indi- viduals to obtain credentials from an approved external provider for use with all online services offered by participating agencies. Those efforts, however, face a con- tinuous barrage of fresh challenges. Along with the new smartphone mal- ware, McAfee researchers found steady growth in mobile and overall malware and a sharp upturn in spam worldwide during the third quarter of 2013. --- Mark Rockwell Cyber crooks target digital signatures December 2013 FCW.COM 7 Trending is the date of USDA Secretary's Memo 1509 calling for shared use of the agency's computer centers (see Page 16). 7/31/62
November 30, 2013