Frequent Technically Speaking blogger Van Ristau, CTO at DLT Solutions, is this year’s moderator for the GovDefenders’ panel on the Framework for Improving Critical Infrastructure Cybersecurity. He was kind enough to answer a few of our questions about it.
We’ve reached the halfway point of 2013, which also signals the beginning of the federal fiscal year end (FFYE). This is a good time to take a second and survey what we’ve seen so far and what we can expect over the next six months. This is part two of my CEO Insight in which I'll talk about cybersecurity, state and local, financing, and the federal fiscal year end.
During this panel, experts compared and contrasted security risks, responsibilities, and approaches of on-premise IT and the shared security model of the public cloud. Conversations explored topics including FedRAMP, shared resources, continuous monitoring, data management, and automation.
Jim Wiggins is the Executive Director of the Federal IT Security Institute (FITSI). FITSI is a non-profit organization that provides a role-based IT security certification program targeted at the federal workforce. Jim was a keynote speaker at our recent GovDefenders Cybersecurity Virtual Event. His presentation was “Building the Next Generation of Cyber Defenders,” which you can now watch for free.
John Nicholson is the President of the Washington D.C. Metro Chapter of the Cloud Security Alliance (CSA) and was a keynote speaker during the GovDefenders Cybersecurity Virtual Event. We've just posted his video: Security & Legal Issues in Cloud Adoption.
The GovDefenders Cybersecurity Event is now on-demand! Register and gain access to eight educational sessions, two keynotes, a panel, and over 100 cybersecurity resources from the world's top IT providers - for free.
Jim Wiggins is the Executive Director of the Federal IT Security Institute and the Wounded Warrior Cyber Combat Academy. He's one of the keynote speakers for this year's GovDefenders free online cybersecurity conference. We sat down with Jim beforehand to discuss different aspects of cybersecurity training, including why budgets for training are decreasing even when spending is increasing, what qualities to look for in an IT security professional, and how training has evolved over the last decade.
We are approaching the end of national “Cyber Security Awareness Month,” so let’s take a look at some top cybersecurity tips we should all adhere to:
“It's not the loud pronouncements by hacking groups or the highly visible denial-of-service attacks that scare cybersecurity experts. It's silence,” claims a recent Federal Times article. The article “Programs aim to get the word out when cyber attacks occur” brings to light the idea that one of the greatest tools against cyber attackers is the “relatively low-tech approach of sharing information about attacks.” The article goes on to describe a push for disclosure, explaining that the DoD has put forth ideas for a new Defense Federal Acquisition Regulation Supplement (DFARS) rule. The proposed DFARS rule would require contractors to provide “adequate security”, report cyber incidents within 72 hours, and review their networks to search for additional attack information. As always, the issue of cost tops the concerns about this communication technique. Not only would there be increased costs for the companies providing the “adequate security”, but government resources would have to be tapped in order to provide data analysis and enforcement of any resulting mandates.