by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : December 2013
December 2013 FCW.COM 9 Two government agencies and a public/ private partnership issued recommen- dations --- and some new requirements --- for building cybersecurity into the systems, controls and platforms that underpin critical infrastructure. The National Institute of Standards and Technology, which is also develop- ing an overarching federal cybersecu- rity framework, convened workshops earlier this year with the nonprofit Cyber Security Research Alliance to create a road map for designing built- in critical infrastructure secu- rity. The group --- a mix of representatives from govern- ment, industry and academia --- released a comprehensive report Nov. 20 that highlights ways to secure vulnerable public-facing IT systems. The joint NIST/CSRA report comes on the heels of a Nov. 18 memo from the Of ce of Management and Budget that provides a framework for federal agencies to use to manage risk and continuously monitor critical IT networks and systems. "It s important to point out that cyber-physical systems pretty much touch our lives in just about everything we do today," said Lee Holcomb, presi- dent of CSRA and director of transfor- mation integration at Lockheed Martin. "They include all modes of transpor- tation, energy, health care, consumer electronics. Pretty much everything we do on a daily basis in some way touches some part of CPS. Protecting those systems is really important, and that was what we took on." CSRA and the recent report focus on CPS, which includes IT systems that support industrial controls, data com- munications and public utilities. The report s ndings target the establish- ment and improvement of common taxonomy, architectures, metrics, best practices, standards, interoperability, and other methods to improve systems resiliency and encourage cybersecurity efforts. It also calls for the establish- ment of CPS curricula to ensure that the workforce has adequate skills and expertise. Holcomb added that CSRA mem- bers are conducting further research and implementing numerous ndings in the report. Meanwhile, OMB has chosen a phased approach and set a 2017 deadline for agencies to deploy information security con- tinuous monitoring (ISCM) tools that provide dynamic and proactive cybersecurity. OMB s memo also speci es the use of strategic sourc- ing to "minimize the costs associated with implement- ing requirements of the risk management framework." The memo includes eight steps for instituting ISCM across the government and assigns speci c responsibilities to the Department of Homeland Security and NIST, including the establishment of a federal dashboard for ISCM, coordination with the PortfolioStat and CyberStat programs, and ongoing guidance. "By strengthening the underlying information technology infrastructure through the application of state-of- the-art architectural and engineering solutions, and leveraging automa- tion to support the implementation of the risk management framework (which includes the ongoing monitor- ing of security controls), agencies can improve the effectiveness of the safe- guards and countermeasures protect- ing federal information and information systems in order to keep pace with the dynamic threat landscape," OMB Direc- tor Sylvia Burwell wrote in the memo. --- Amber Corrin New guidelines issued for building cyber into critical infrastructure 800,000 daily visitors can be supported by HealthCare.gov as of Nov. 30, administration of cials claim. Lee Holcomb Supporters renew push for data center bill Rep. Anna Eshoo (D-Calif.) intro- duced a bill designed to improve the energy ef ciency of federal data centers in February that could wind up as part of a broader energy bill in the Senate. Backed by Sens. Jeanne Shaheen (D-N.H.) and Rob Portman (R-Ohio), the latter bill would create a volun- tary rating program along the lines of Energy Star to encourage supply chain ef ciency and rewrite national building codes to require more energy-ef cient construction. A provision on data center con- solidation was added to the bill when it was rst considered in the Senate, and a similar provision is likely to be included if a new version of the legislation reaches the Senate oor. Speaking at an event convened by the Information Technology and Innovation Foundation, Eshoo noted that federal data centers are respon- sible for 10 percent of all U.S. data energy use, which adds up to about $600 million annually. Her legislation would require the Of ce of Management and Budget to develop a governmentwide strat- egy on energy ef ciency and focus on improving the use of IT assets and establishing metrics for tracking savings and performance. In that same vein, a measure that would provide an accurate count of federal data centers and establish metrics for a consolidation initiative spearheaded by U.S. CIO Steven VanRoekel was proposed as an amendment to the Senate's defense authorization bill in November. --- Adam Mazmanian
November 30, 2013