Government Cloud Authors: Elizabeth White, Pat Romanski, Dana Gardner, Liz McMillan, Gopala Krishna Behara

Blog Feed Post

Bidding Open on DHS’ $6B Security Hub, House report stresses sharing


DHSHere are the top news and stories of the day.

  • Vendors Question DISA’s Cloud Cost-Saving Claims – “Some contractors are questioning whether the Defense Department’s planned $450 million cloud-computing project will offer the most cost-effective solutions for its customers or merely resell industry products and services for a higher price.” The DISA cloud delivery project could offer shared services that increase the ability of the IC to meet their goals. It could also increase the ability of the IC agencies to share data with each other. Via Defense News, more here.
  • Oil, gas field sensors vulnerable to attack via radio waves - Researchers at IOActive have found a multitude of vulnerabilities in oil and gas field sensors. These monitor temperature and pipeline pressure among other things. The fact that more key sensors in ICS systems are found to be vulnerable is evidence of the inherent weaknesses in these systems and the need to secure them. Via ComputerWorld, more here.
  • Bidding is Open for the DHS’ $6 billion Security Hub – “The US Department of Homeland Security is putting into motion its plans to create a $6 billion repository for continuous monitoring security tools to be used by federal, state and local agencies.” “The suppliers will provide a centralized way for government agencies to procure hardware, software and consulting services for continuous monitoring and real-time threat detection.” The size and import of a hub such as this one should create a very interesting bidding and proposal process. Via InfoSecurity, more here.
  • Five charged with stealing 160+ million credit card numbers – “A federal indictment made public in New Jersey charges five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers, resulted in hundreds of millions of dollars in losses and is the largest such scheme ever prosecuted in the United States.” Using a SQL-injection attacks, the group obtained access and installed backdoors into several large payment processing companies, then stole a huge amount of information from the companies. They then resold these for varying amounts, depending on the origin of the card. Via Net Security, more here.
  • Google Play store inundated with scam apps, Symantec says – “A steady stream of questionable applications is flowing daily into Google’s Play store for Android devices, according to security vendor Symantec.” Symantec believes that they have found at least 1200 malicious apps in the last seven months. These apps are often taken down quite quickly, but still can damage users. The breadth and number of these apps just increases the care a user must take when downloading apps. Via ComputerWorld, more here.

  • DoD’s new cyber teams aren’t expensive, says Carter – The 40 new cyber teams within cyber command, 1/3 of which are dedicated towards offense, constitute 4,000 personnel. The secretary of defense, Ashton Carter, does not view them as expensive, but rather an investment in cyber capabilities. While the teams are new and an addition to the US force, they have been planned and will offer the nation enhanced cyber protection. Via FierceGovernmentIT, more here.

  • House report tells federal, local law enforcement to work on sharing – “The House Homeland Security Committee on Friday issued a plea to further empower fusion centers, the regional agencies tasked with analyzing and sharing local crime data with local, state and federal officials.” While fusion centers, founded post 9-11, have been spreading and making advances, they are lacking in strategy, funding and overall metrics. Many homeland security experts believe that fusion centers can be a huge help in stopping terror and other attacks, and increase our overall security posture. Via FedScoop, more here.
  • Most Organizations Don’t Assess Time to Incident Detection as Key Security Metric – Security metrics are all over the place, but apparently many agencies are missing an extremely key metric – time to incident detection. Incident detection is the first step in the cycle, and without it, you cannot mitigate or re-mediate. Until organizations focus on this metric, they will be focusing incorrectly on threats and their cyber response. Via InfoSecurity, more here.

Read the original blog entry...

More Stories By Bob Gourley

Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com

IoT & Smart Cities Stories
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the tec...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitoring and Cost Management … But How? Overwhelmingly, even as enterprises have adopted cloud computing and are expanding to multi-cloud computing, IT leaders remain concerned about how to monitor, manage and control costs across hybrid and multi-cloud deployments. It’s clear that traditional IT monitoring and management approaches, designed after all for on-premises data centers, are falling short in ...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and G...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. IoT Now explores the evolving opportunities and challenges facing CSPs, and it passes on some lessons learned from those who have taken the first steps in next-gen IoT services.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...