October 23, 2012    /    by

NASCIO and Deloitte Publish New 2012 Cybersecurity Survey for State Governments

Day 2 at the NASCIO annual meeting, and one hot topic is the new Cybersecurity survey results that were released this morning called


 
Government Technology Magazine wrote a good summary of the security survey panel session which covered the report topic.
 
As I looked at the new survey results, I found several concerning trends that we didn't have time to discuss on the morning panel today. One of those trends was a reduction in vulnerability management implementations and less scanning of critical systems for vulnerabilities and malware. I am also concerned about the lack of trust that CISOs have in the level of expertise on their cybersecurity teams.
 
Another highlight was the majority of states reporting the same or less money for security programs at a time when the private sector is raising Cybersecurity budgets. A mismatch between "executive buy-in" and funding for security raises a red flag for me about how much real support exists.
 
I'm keeping this blog short, but I strongly urge you to go out and read the report and recommendations for CIOs and CISOs. Overall, there is a mixed message with some positive trends but also the realization that many states are not doing enough to secure their systems and data.
 
What are your thoughts on the survey results?

October 22, 2012    /    by

NASCIO Conference Day 1

Here are some of my highlights from the first day at the NASCIO Conference in San Diego

I am at the National Association of State CIOs Annual Conference in San Diego, and here are some of the first day highlights.

The roundtable sessions over breakfast covered over a dozen topics, and I attended a session on BYOD led by the CIO from Delaware. The session was excellent with comparisons between public and private sector organizations on the use of different mobile devices. All of the topical discussion sessions seemed well attended, and it was a great way to engage professionals from around the country with different approaches to this cutting-edge issue.

October 19, 2012    /    by

NASCIO Annual Conference 2012

The National Association of State Chief Information Officers (NASCIO) is holding their annual conference in San Diego this year from October 21-24, 2012.


The agenda is packed with many interesting topics, such as an opening keynote by Ken Miller, Founder, Change & Innovation Agency. Here’s how this 90-minute session is described in the program:

October 18, 2012    /    by

Will Patch Tuesday Ever End?

Patch Tuesday is just around the corner, and I feel an urge to rant.

Another Patch Tuesday is just around the corner, and I feel an urge to rant.

In reality, the actual day each month is just a part of an ongoing cycle. Like a coach’s preparation for the next football game on the schedule. We even tell our rookies, “Don’t worry, we’ve got this down to a science. Just study the playbook and learn the system.”

October 14, 2012    /    by

Iranian hackers blamed for massive new cyberattacks

Senior officials in the U.S. government believe that Iranian hackers are responsible for a new wave of significant cyberattacks. What does this mean?

Senior officials in the U.S. government believe that Iranian hackers are responsible for a new wave of significant cyberattacks. These unprecedented cyberattacks were very destructive in nature, and crippled several Persian Gulf oil and gas companies.

Last week, CBS News reported that “U.S. officials say a cyber attack against ARAMCO, has been traced to hackers inside Iran. This attack is yet another volley in an increasingly high stakes war going on in cyberspace. Defense Secretary Panetta warns that potential enemies, including Iran, are developing the capability to launch devastating attacks.”

October 8, 2012    /    by

From Cyberbully To Responsible Cybercitizen To Online Ambassador For Good

What action steps can we take to improve cyberethics at home and work?

Steven Spielberg is known as one of the best movie directors ever. Spielberg once said that his primary motivation for making movies was his fears and anxieties. “I had no way to sublime or channel those fears until I began telling stories to my younger sisters. This removed the fear from my soul and transferred it right into theirs.”

In the ABC Family Movie Cyberbully, Taylor Hillridge is a teenage girl who finds herself the victim of cyberbullying when she becomes a member of a social website. As the movie progresses, the significant damage that cyberbullying can cause becomes clear when Taylor tries to overdose on medication pills. Through therapy and a healing process, she learns that she is not alone.

September 29, 2012    /    by

Digging Deeper Into Cyberspace: What Are The Ethical Problems?

Albert Einstein once said, "If I had one hour to save the world, I would spend 55 minutes defining the problem and only five minutes finding the solution." So how can we even begin to define cyberspace and take baby steps towards enabling the good and disabling the bad?

Albert Einstein once said, “If I had one hour to save the world, I would spend 55 minutes defining the problem and only five minutes finding the solution.”

So how can we even begin to define cyberspace and take baby steps towards enabling the good and disabling the bad? This is part two of a three part series on cyberethics. Last time, I described the need for regular online cyber check-ups, similar to visits to our dentists’ or doctors’ offices.

September 23, 2012    /    by

Online Checkup: Why Cyberethics Matter More Than You Think

When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. Perhaps it's time for instituting a regular cyber check-up?

  When we go to the dentist for our semi-annual checkup and teeth cleaning, we typically get asked a series of questions about recent patterns of personal behavior. After a few moments of small talk about the weather and traffic, my dental hygienist (abbreviated hereafter in this blog as DH) always jumps straight to the point:

DH – “Been brushing?”

September 16, 2012    /    by

Latest Trends From The Illinois Cyber Security Forum 2012

I had the opportunity to travel to Springfield, Illinois, during this past week to speak at the Illinois Cyber Security Forum. This blog offers some of the highlights, random thoughts and lessons I learned during the trip.


“What’s the best way to become more engaged in this security buzz?”

September 9, 2012    /    by

Is a Presidential Executive Order Coming on Cybersecurity?

Over the past few days, numerous news sources reported that President Obama is strongly considering an executive order on cybersecurity. It appears cybersecurity is becoming more political.

Over the past few days, numerous news sources reported that President Obama is strongly considering an executive order on cybersecurity. Here’s a sampling of the news reports:

BloombergBusinessweek: Obama Weighs Executive Order to Defend Against Cyber Attacks