In a sign that the traditional information security audit was failing to control increasing cyber-risk, the Office of Management and Budget has ordered federal agencies to adopt a real-time approach to cyber threats. In a memo issued Wednesday, Agencies will be expected to constantly collect information on cyber threats and submit it to the Homeland Security Department, which will analyze the data and offer advice on best practices.
"Agencies have spent too much time, money and energy on generating paperwork that they end up filing away in these secure cabinets and they don't end up protecting systems," said Vivek Kundra, the government's chief information officer, in an interview published in Federal Times.
Kundra and Howard Schmidt, White House Cybersecurity Coordinator, said that the new policy points toward continuous monitoring and patching of federal systems, and also toward the deployment of cybersecurity systems that better position the government against constantly evolving threats.
Read the entire story and download the OMB Memo at Information Week ...
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
▼
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
-
▼
April 2010
(39)
- NSA Reviews Future Cybersecurity Techniques, Techn...
- Facebook's Social Web: Protecting Your Privacy
- Rapport: A Potential Tool for Lowering Risk of Onl...
- Congressman Asks FTC to Investigate Privacy Risks ...
- Infamous Spam-Sending "Storm Worm" Stages a Comeback
- Report Shows Weaknesses in Anti-Virus Engines
- Money Mules: The Final Link in Getting Your Money ...
- Cybercriminals Learn to Hide Their Malware From Se...
- Analysis of 43 Online Bank Thefts Illustrates Dive...
- White House Moves to Focus Cybersecurity Strategy ...
- Symantec 2009 Global Internet Security Threat Report
- Fire Alarm Company Burned by e-Banking Fraud
- Cybercriminals Take Advantage of McAfee Snafu
- Social Engineering Case Study: Google Hackers Dupe...
- McAfee Antivirus Software Locks Up PCs
- Health Care Survey: Slow Hospital Compliance with ...
- China-Google Controversy Illustrates Cloud Securit...
- Rent-a-Fraudster: A Fascinating Look at the Cyberc...
- GAO report says IRS Blase' about Cybersecurity
- Mozilla Disables Insecure Java Plugin in Firefox
- A Security Flaw in Palm Pre Demonstrates Need for ...
- California Senate Passes Strengthened Data Breach ...
- Changing Culture Improves Organization's Data Priv...
- Visitors to Web Sites Hosted by Network Solutions ...
- $500 Buys Entry-Level Cybercrime Exploit Pack
- Java Patch Targets Latest Attacks
- U.K. Approves Crackdown on Internet Pirates
- In cyberwar, who's in charge?
- ISP Privacy Proposal Draws Fire
- Cybersecurity Coordinator Howard Schmidt: Private ...
- Computer Crooks Steal $100,000 from Ill. Town
- Researchers begin work on 'sophisticated' security...
- e-Banking Guidance for Banks & Businesses
- Security Updates for Foxit, QuickTime/iTunes
- Cyber Security Survey Finds Businesses' Most Valua...
- Cybercriminals Find Way to Test Malware Before Lau...
- Java Patch Plugs 27 Security Holes
- Cybercrime Gangs Fight Each Other Over Desktops
- Washington State Law Requires PCI Compliance; Allo...
- ► March 2010 (65)
- ► February 2010 (38)
- ► January 2010 (27)
-
►
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com