December 18, 2011    /    by

What is the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness (PrECISE) Act?

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act), the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

A new cybersecurity bill was introduced by members of the House Homeland Security Committee on Thursday, December 15, 2011. Named the “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act (PrECISE Act),” the proposal would establish a federal overseer as a quasi-government agency which would coordinate information sharing between the private and public sector.

According to thehill.com, the new bill: READ MORE

December 7, 2011    /    by

Career Advice: Professionals Can Learn About Success, Humility and Endurance from Tim Tebow

Despite his weaknesses, Tebow is winning over the hearts and minds in America. We love our underdogs, because most of us have our failings and weaknesses too. Our lives are full of the critics,... We just dont see our mistakes paraded around as publically or as often as Tim Tebow.

Technology and security careers are full of ups and downs - new opportunities and unexpected challenges.

Sometimes we work hard, succeed, accomplish a series of goals, get promoted and/or receive recognition. But what happens next? Friends, close colleagues and family tell us to stay humble, but that’s easier said than done. Dealing with success can actually be a difficult challenge. As I’ve written in other blogs, security professionals often have problems in this area at some point in their careers and may need a large helping of humble pieREAD MORE

December 1, 2011    /    by

Mobile Phone Firestorm: Carrier IQ Software Causing Privacy Concerns

Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones.

 Privacy concerns are growing regarding the use of Carrier IQ software in many mobile phones. Numerous sources such as Computerworld are reporting that AT&T and Sprint use the software on handsets. Here's an excerpt:

  "Amid what's snowballing into a major privacy controversy, AT&T, Sprint, HTC and Samsung today confirmed that that their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ. READ MORE

November 27, 2011    /    by

Cyber Monday: Are You Shopping From Work?

Its that time of year again. Cyber Monday has arrived, and recent survey results say that 50% of Americans do some holiday shopping from work.

It’s that time of year again. Cyber Monday has arrived, and recent survey results say that 50% of Americans do some holiday shopping from work.  (This number is actually down from 52% last year.)

This topic is not new, and I find it interesting to look back at the (brief) history of Cyber Monday in America. Four years ago, Government Technology Magazine asked what government organizations should do about Grinch.exe? The five suggestions are still fairly relevant; however, new advice is offered elsewhere around smartphones. READ MORE

November 23, 2011    /    by

New Report: Illinois Water System Was Not Hacked

The Department of Homeland Security (DHS) announced that the Illinois water system in Springfield was not hacked.

  The Department of Homeland Security (DHS) announced that the Illinois water system in Springfield was not hacked.

 According to Reuters: READ MORE

November 21, 2011    /    by

Hacking Illinois Water: Seven Questions and Six Answers

The top technology story at the end of last week involved multiple news sources reporting a cyber attack that penetrated a US public water system in Illinois. Heres what we know, and what we dont.

The top technology story at the end of last week involved multiple news sources reporting a cyber attack that penetrated a US public water system in Illinois. Here’s what we know, and what we don’t.

Question 1) What happened to prompt the concern? READ MORE

November 13, 2011    /    by

Hacker Group Spends Years Developing Sophisticated Duqu Trojan

The Duqu Trojan, which is also known as son of Stuxnet, was discovered just two months ago and is getting headlines for the sense of humor that its creators have revealed in the code. According to Kaspersky Lab, the hacker group behind the Duqu Trojan may have been working on the code for more than four years.

The new Duqu malware is a sophisticated Trojan that appears to be similar to the more well known Stuxnet code. Headlines over the weekend were telling stories about both the effects in Iran, as well as offering reports that the malware was now “under control.”

According to Kaspersky Lab, the hacker group behind the Duqu Trojan may have been working on the code for more than four years. The article describes the stages of attack and actions at each stage. Here’s an excerpt, but the entire article is worth reading: READ MORE

November 6, 2011    /    by

Cyber Crime: Hackers Are Hacking Each Other Too

New reports sound like they could be promoting a popular television drama series on mobsters - with a new technology twist. Something like: The Sopranos go cyber.

  New reports sound like they could be promoting a popular television drama series on mobsters - with a new technology twist. Something like: “The Sopranos go cyber.”

 That’s right, we now know that hackers have formed gangs and hack each other. Computerworld ran this story which describes: Hacker selling access to compromise websites gets hacked. Here’s an excerpt: READ MORE

October 30, 2011    /    by

New Core Services Taxonomy for State IT Security Programs

The National Association of State Chief Information Officers (NASCIOs) Security and Privacy Committee has released a new report entitled: The Heart of the Matter: A Core Services Taxonomy for State IT Security Programs.

The National Association of State Chief Information Officer’s (NASCIO’s) Security and Privacy Committee has released a new report entitled: The Heart of the Matter: A Core Services Taxonomy for State IT Security Programs. The PDF version of the document is available for free download from the NASCIO Publications website.

Why is this document important and worth reading? Here’s an excerpt from the opening paragraph: READ MORE

October 22, 2011    /    by

Weatherford an Excellent Choice for DHS Deputy Undersecretary for Cybersecurity

Mark Weatherford has been named as the new deputy undersecretary for cybersecurity at the Department of Homeland Security (DHS). Mark is a thoughtful executive who has both military service and hands-on experience dealing with every aspect of our cyber ecosystem. I am confident that he is the right person for this job as we head into 2012.

According to Politico and other sources, Mark Weatherford has been named as the new deputy undersecretary for cybersecurity at the Department of Homeland Security (DHS). Mark will fill the role formerly held by Philip Reitinger, who resigned in May.

Politico wrote: “Weatherford will manage the department’s cybersecurity operations, which include overseeing the agency's partnership with the private sector and security of the dot-gov network. The Obama administration gave DHS an elevated role in managing the federal government’s cyber defenses in its legislative proposal released this spring, making Weatherford a key player for the government.” READ MORE