NIST Publishes IT Supply Chain Risk Guidance, FBI Explores Wisconsin Payroll Hack and more

Here are the top cyber news and stories of the day.

  • NIST publishes IT supply chain risk guidance - Supply Chain Risk management will be a growing concern as we continue to source almost all of our silicon and technology from foreign countries. The NIST document “calls for procurement organizations to establish a coordinated team approach to assess the ICT supply chain risk and to manage this risk by using technical and programmatic mitigation techniques.” Full document here. Via FedScoop, more here.
  • VanRoekel: Open data policy to be published in early 2013 - The OMB is planning to release a government-wide open data policy next year. Federal CIO VanRoekel says the policy will be informed by open data initiatives now underway by the Presidential Innovation Fellows.” VanRoekel sees these policies as informing the way agencies buy. Via FierceGovernmentIT, more here.
  • Standardising cloud encryption is key to improving security - The first problem that we lawyers have when we hear “data” and “cloud” used in the same sentence is that data is valuable, and the cloud concentrates that value.” Via TechWorld, more here.
  • FBI explores $150,000 payroll hack at Wisconsin school - A hacker rerouted $150,000 from a school payroll into a bank account. It appears that the money was rerouted in transfer, rather than at the bank. Via InfoSecurity Magazine, more here.
  • ‘Significant deficiency’ with Social Security Administration cybersecurity, say auditors - The SSA’s annual FISMA report is not looking rosy for the agency. There are issues with the continuous monitoring strategy, lack of access controls and weak controls allowing red-teamers to obtain PII. Via FierceGovernmentIT, more here.
  • DOD on target with data center consolidation - One of every 13 DoD data centers has already been shut down. DoD has shut down a total of 114 data centers, more than one-quarter of the federal data centers that have closed. This is a great first step, but only about one-tenth of the total data centers DoD needs to consolidate. Via Federal Computer Week, more here.
  • BYOD: Why Mobile Device Management Isn’t Enough - Michael Davis over at InformationWeek examines what to look for in mobile device management software. He takes a look at what limitations IT organizations face when allowing employee devices. Via InformationWeek Global CIO, more here.
  • New DoD safeguards for autonomous systems exempt cyber – The new rules which DoD issued 21 Nov to prevent collateral damage from autonomous weapons do not apply to cyber systems. Under the directive, autonomous and semi-autonomous weapon systems must be designed so human operators can exercise judgment over the use of force.” These issues will have ramifications on viruses such as Stuxnet and other cyber weapons. Via FierceGovernmentIT, more here.
  • Mobile Security Threats Expected in 2013 - The Dubai Chronicle has an excellent list of mobile security threats that may change in the new year. This includes cross-platform mobile threats and malware that resides in the App Stores. Via Dubai Chronicle, more here.

Sign up for your free CTOvision Pro trial today for unique insights, exclusive content and special reporting.

CTOvision Pro Special Technology Assessments

We produce special technology reviews continuously updated for CTOvision Pro members. Categories we cover include:

  • Analytical Tools - With a special focus on technologies that can make dramatic positive improvements for enterprise analysts.
  • Big Data - We cover the technologies that help organizations deal with massive quantities of data.
  • Cloud Computing - We curate information on the technologies enabling enterprise use of the cloud.
  • Communications - Advances in communications are revolutionizing how data gets moved.
  • GreenIT - A great and virtuous reason to modernize!
  • Infrastructure  - Modernizing Infrastructure can have dramatic benefits on functionality while reducing operating costs.
  • Mobile - This revolution is empowering the workforce in ways few of us ever dreamed of.
  • Security  -  There are real needs for enhancements to security systems.
  • Visualization  - Connecting computers with humans.
  • Hot Technologies - Firms we believe warrant special attention.

 

Recent Research

What The Enterprise IT Professional Needs To Know About Git and GitHub

3D Printing… At Home?

Tech Firms Seeking To Serve Federal Missions: Here is how to follow the money

Creating The New Cyber Warrior: Eight South Carolina Universities Compete

Mobile Gamers: Fun-Seeking but Fickle

Update from DIA CTO, CIO and Chief Engineer on ICITE and Enterprise Apps

Pew Report: Increasing Technology Use among Seniors

Finding The Elusive Data Scientist In The Federal Space

DoD Public And Private Cloud Mandates: And insights from a deployed communications professional on why it matters

Intel CEO Brian Krzanich and Cloudera CSO Mike Olson on Intel and Cloudera’s Technology Collaboration

Watch For More Product Feature Enhancements for Actifio Following $100M Funding Round

Navy Information Dominance Corps: IT still searching for the right governance model

solid
About Ryan Kamauff

Ryan Kamauff is a senior analyst with Crucial Point LLC. He produces technology focused content for CTOvision.com and reports on analytical megatrends at the new analysis focused Analyst One.