Latest Blogs

Congress isn’t in session this week or next, there are still some key items happening... and I don’t mean the cherry blossoms or NHL playoff hockey.  Here’s the latest...


Key Takeaway: DATA Act Passes Senate; House Passage Likely

Be the first person to recommend this.

Key Takeaway State and Local Cyber Framework Kickoff and Incentives

On Thursday, March 27, the National Institute for Standards and Technology (NIST) hosted a State and Local Government Cybersecurity Kick-off Event.  The event, which hosted a cross-section of state and local officials both in person and via webcast, provided an overview of the framework, incentives available to the state and local governments, and action being taken by stakeholder groups such as the National Governors Association (NGA) and NASCIO.  NASCIO Executive Director Doug Robinson presented on current trends in state cybersecurity and NASCIO activity around the framework as part of the event.  A number State CIOs and CISOs attended the event in person.

Be the first person to recommend this.

The Secretariat to the Identity Ecosystem Steering Group (IDESG) announced the following results for the 2014 Election for Stakeholder Delegates. Congratulations to Dave Burhop from the Common Wealth of Virginia. Dave will also be speaking at the NASCIO Midyear conference in Baltimore, MD.
  • Delegate, 1. Privacy & Civil Liberties: Adrian Gropper (Patient Privacy Rights)
  • Delegate, 2. Usability & Human Factors: Steve Bruck (BruckEdwards, Inc.)
  • Delegate, 3. Consumer Advocates: Jim Barnett (AARP)
Be the first person to recommend this.

Lots to cover this week, but first, let me wish everyone a good Saint Patrick's Day / Purim. It's the best holiday mash-up since thanksgivukkah. On to the news...
Key Takeaway:
FCC Seeks More Information on E-Rate Modernization

The FCC is continuing its look at how to support the President’s

Be the first person to recommend this.

You’ll be forgiven if you missed that the administration released its 2015 budget this week, as most of the news focused on the crisis in Ukraine. While budget caps make unpacking this budget a more straightforward affair than in some other years, it still gives solid insight into the priorities of the administration.


While there are breakdowns of the overall tech budget available

Be the first person to recommend this.

FROM THE IDESG:

We are looking forward to our 8th Plenary at Symantec Headquarters in Mountain View, CA. IDESG, Inc. greatly appreciates Symantec's sponsorship of this upcoming Plenary. Unlike previous Plenary Meetings,
ADVANCED REGISTRATION IS MANDATORY for the 8th Plenary Meeting in order to comply with Symantec Security and Visitor NDA (non-disclosure agreement) pre-requisites.

 

IDESG 8th Plenary Meeting

April 1-3, 2014

Be the first person to recommend this.

States to get security services to boost cyber info sharing

Source: GCN

The Department of Homeland Security is rolling out a plan to offer states and territorial government organizations a set of free managed security services, including intrusion detection and prevention, netflow analysis and firewall monitoring.

The services will be provided by the Center for Internet Security’s Multistate Information Sharing and Analysis Center (MS-ISAC), a 24x7 operations center that provides real-time network monitoring, threat warnings and incident mitigation and response. 

The plan is part of a multipronged effort to boost government threat information sharing and cooperation called for in the National Institute of Standards and Technology’s Cybersecurity Framework, a set of voluntary guidelines released by NIST in February to promote the protection of critical systems and management of cybersecurity risk. 

Phyllis Schneck, DHS deputy undersecretary for cybersecurity for the National Protection and Programs Directorate (NPPD), said making the managed services available and adopting the NIST framework a key step making local government information systems secure. 

Be the first person to recommend this.

Key Takeaway: The Governors Take D.C. For Winter Meeting
If it was a bit quieter in your state the last few days, it may be because your Governor was in Washington, DC.  The National Governors Association (NGA) held its Winter Meeting, along with the Democratic or Republican Governors Association meetings that are held in conjunction.

Be the first person to recommend this.

ICANN Issues Advice to IT Professionals on Name Collision Identification and Mitigation

 

ICANN, the international body responsible for oversight of the Internet’s Domain Name System (DNS), has issued comprehensive advice to IT professionals worldwide on how to proactively identify and manage an issue known as “domain name collision”.

 

In a report titled Name Collision Identification and Mitigation for IT Professionals, ICANN explains the nature and causes of name collision and proposes a range of possible solutions.

 

A name collision occurs when an attempt to resolve a name that is used in a private name space (e.g., under a non-delegated Top Level Domain, or a short, unqualified name) results in a query to the public DNS.  To explain the issue using an analogy, consider calling for “Mary” in your office where you’ve assumed there’s only one “Mary”, and then calling out “Mary” in a shopping mall and expecting that “office Mary” will respond.

 

Domain name collisions are not new.  However, with up to 1,300 new generic Top Level Domains (TLDs) being introduced over the next year, there is an increased level of concern and ICANN is ensuring that IT professionals are aware of the issue.  The ICANN report addresses some concerns that a number of applied-for new TLDs may be identical to names used in private name spaces.

Be the first person to recommend this.

The big news last week centered around the release of the Cybersecurity Framework on Wednesday.  Well, the framework and a major storm that caused the greatest cancellation of flights since September 11, 2001

Be the first person to recommend this.

Welcome to the Olympic opening ceremony edition of the Weekly WHAT. We've got championship coverage of the FCC outlining plans on E-Rate, the House of Representatives making real (bipartisan!) progress on cybersecurity, and more. If you're in the mood for something more olympic focused, check out how russian hackers are taking it to visitors and journalists. Otherwise, here's what's going on back stateside:


Key Takeaway:

Be the first person to recommend this.

Be the first person to recommend this.

In late December, the Office of Management and Budget (OMB) completed the herculean effort of streamlining a raft of government documents that guide how agencies provide grant money to non-profits, state and local governments, academia, and others.

The goal was to “ease administrative burden” while also finding ways to “reduce risks of waste, fraud, and abuse.”  The reforms shifts the federal view of information technology from desktop computing and wires in the closet to shared services in the cloud and large-scale infrastructure projects.  In short, the post-reform view fits modern IT business practices.

Be the first person to recommend this.

Source: Homeland Security Newswire
Cybersecurity
Cal Poly unveils ambitious cybersecurity educational initiative
Published 29 January 2014

Cal Poly, with a grant from the Northrop Grumman Foundation, has established a Cybersecurity Center, opened a new cyber lab, and is developing a cybersecurity curriculum with an ambitious set of goals in mind: educating thousands of students in cybersecurity awareness and readiness; producing experts in cyber technologies and systems, including many professionals who will serve the military and defense industry; and graduating cyber innovators who are prepared for advanced study and applied research in emerging cyber issues.

With the establishment of a Cybersecurity Center, the opening of a new cyber lab, and the development of cybersecurity curriculum, Cal Poly says it is poised to become a leading supplier of cyber-ready experts, professionals and innovators.

This

Be the first person to recommend this.

APHSA’s NWI’s Financing Committee developed a white paper outlining the existing opportunities available for state human service programs. The paper, A-87 Exception Toolkit for Human Service Agencies: Description of the Exception and Recommendations for Action, provides an depth look at what the Exception entails, the potential savings to states upon approval/implementation, what is still able to be built in the time remaining and helpful strategies states may think about in furthering their efforts to take advantage of this time-limited exception with their Medicaid agencies at significantly lower cost between now and the end of 2015. Even though the incremental cost of adding component functionality that does not benefit Medicaid must be paid by the non-Medicaid program, the result can mean significant savings to state budgets. As you are also aware, this funding opportunity is available whether or not a state has expanded its Medicaid population under the Affordable Care Act (ACA) or developed a state-based Marketplace.

The full report is attached and available a

Be the first person to recommend this.

Because I never want to go outside into the frozen tundra that is DC ever again, expect multiple posts from me over the next week or so.  To those of you in the east, keep warm!  Here’s your Weekly Washington Headlines And Tech…


Key Takeaway

NASCIO Releases Federal Advocacy Priorities

Be the first person to recommend this.

Source: NSTIC NOTES

Creating Trustmark Compounds from Trust Elements

Authored by: Kat Megas and Ken Klingenstein

Recently, there has been considerable discussion within the Identity Ecosystem Steering Group (IDESG) and elsewhere regarding trust frameworks, trustmarks, accreditation criteria, and identity ecosystems. “Traditional” trust frameworks and trustmark models – which were historically developed within monolithic schemes with a requirement for accountability to a single enterprise program – are starting to evolve to accommodate a broader extent of trust federation. Cross-federation trust is also emerging, not only as a natural evolution of trust frameworks, but also as a logical next step towards standardization of services and business drivers for participants. As we look to advance the National Strategy for Trusted Identities in Cyberspace (NSTIC), this sort of cross-federation trust is essential to a vibrant Identity Ecosystem.

Be the first person to recommend this.

Welcome to 2014 Weekly WHAT Readers!  Since NASCIO hasn’t sent me to CES, I suppose I have time to share one or two of the things you may have missed over the holidays.


Key Takeaway:
New National Infrastructure Protection Plan Released

Be the first person to recommend this.

From NIST:
2014 promises to be an exciting year for implementation of the National Strategy for Trusted Identities in Cyberspace (NSTIC). Our three complementary initiatives - facilitating the private-sector led Identity Ecosystem Steering Group (IDESG), launching the Federal Cloud Credential Exchange (FCCX), and funding the NSTIC pilot program – are hitting major milestones in 2014, contributing significantly to the emerging Identity Ecosystem envisioned in the nation’s strategy. We hope you will join us in Atlanta, Georgia January 14-16 to learn more, network with those engaged in NSTIC initiatives, and join in the important ongoing work of the IDESG. Virtual participation will also be available. Agenda highlights include:

White House Update. Andy Ozment, Senior Director for Cybersecurity, National Security Staff, will provide an update from the White House on the NSTIC as a key administration identity and privacy initiative and how it complements other national cybersecurity programs and frameworks. The Administration is pushing for increased funding for the NSTIC, enabling the NSTIC NPO to further catalyze the marketplace of trusted identity solutions through pilot grant funding and facilitate further the private sector-led Identity Ecosystem Steering Group (IDESG).

Be the first person to recommend this.

Good yuletide cheer for all in this last Weekly WHAT before we go on hiatus until the new year. Uncle Sam is dishing out quite a spread for the holidays, including a few key NASCIO priorities for 2013, including:  long-sought grant guidance reforms from OMB, NASCIO comments on the preliminary cybersecurity framework, and more!  Grab yourself a cup of Glögg, get close to the fire, and start making your holiday wish list.  Here’s the last Weekly WHAT of 2013...


Key Takeaway: All I Want For Christmas.... Is An OMB Omni-Circular

Be the first person to recommend this.

12345678910...