Browsing: Cybersecurity

HP, Oracle among companies in FedRAMP pipeline


Century Link, HP and CA Technologies are among the companies with cloud solutions awaiting final approval under a governmentwide security program. Specifically, these companies are working to obtain a  Joint Authorization Board Provisional Authorization for a specific cloud offering. That’s basically a seal of approval from an interagency board of chief information officers at the General Services Administration, Homeland Security and Defense departments, acknowledging that companies have met minimum federal standards for securing cloud solutions. See a complete list of companies awaiting JAB approval here. As required by the Federal Risk and Authorization program (FedRAMP), the cloud vendors first hired an independent assessment organization…

Four companies awarded work on $6B cyber contract


Four companies have been awarded work under the Department of Homeland Security’s $6 billion cybersecurity contract. Winners include Knowledge Consulting Group, Northrop Grumman, Technica and HP. The RFQ was for continuous monitoring tools, not services. The goal was to increase or extend software licenses that agencies already have in place, at a discounted price. Read more here.

Competition underway on $6 billion DHS cyber contract


The Department of Homeland Security on Wednesday released the first request for quote under its $6 billion continuous monitoring contract, according to industry sources. The RFQ is for cyber tools and equipment, not services. The goal is to increase or extend software licenses that agencies already have in place, at a discounted price, said James Yeager, director of federal civilian sales at McAfee.  As of last month, 12 of the 17 vendors on the contract included McAfee products as part of their tool set available to agencies. The RFQ will provide tools for 33 departments and agencies and range in value between $37.5 million and $60…

DHS gets new cybersecurity chief


A senior officer at McAfee, Inc., will be the newest deputy undersecretary for cybersecurity at the National Protection and Programs Directorate at DHS, according to an Aug. 19 blog post by secretary Janet Napolitano Phillis Schneck, the vice president for the global public sector at McAfee, Inc., has also held positions at IBM, NASA, the University of Maryland, CygnaCom solutions, and other companies. Phyllis has been a close partner in our cybersecurity mission for many years. She served for eight years as chairman of the FBI’s InfraGard National Board of Directors and founding president of InfraGard Atlanta, growing the InfraGard…

How hackers infiltrated federal agency


In addition to the standard two forms of identification, offer letter and contact information, new hires at the U.S. Department of Education are required to bring along a certificate of completion for cybersecurity training course. A recent internal investigation shows why that training is probably a pretty good idea. In a previously undisclosed probe into a 2011 “spear phishing” campaign, hackers targeted senior staff and managed to break through the department’s security protections to steal data from the department. Much about the incident, which was described in documents released through a Freedom of Information Act request by Federal Times, remains…

NIST on track to release preliminary cybersecurity standards


The National Institutes of Standards and Technology is on track to develop a preliminary set of voluntary cybersecurity standards by October, according to the head of the agency. Patrick Gallagher, NIST director, said at a Senate Commerce, Science and Transportation committee hearing Thursday that the agency is working closely with private industry as mandated by a Feb. 19 executive order. “We have made significant progress but we still have a lot to do,” Gallagher said. He said the agency has already held three workshops for industry feedback and will continue to work with the private sector to develop a flexible…

Video: Booz Allen VP McConnell on Edward Snowden


Nearing the end of a half hour talk on cybersecurity at a conference of contracting professionals in Alexandria, Va., Thursday, Booz Allen Hamilton vice president Mike McConnell had not uttered the name Edward Snowden. And Snowden, after all, is someone who has people talking a lot about cybersecurity these days. The now famous former Booz Allen employee stands charged with espionage and is still on the run from U.S. authorities after leaking details to the media on once secret government surveillance programs. As McConnell, a former director of national intelligence, was wrapping up his presentation, he said he’d take a…

Snowden the whistleblower? Not exactly


Dubbed a traitor by House Speaker John Boehner and yet hailed as a brave whistleblower by Daniel Ellsberg, Edward Snowden’s leaks about National Security Agency data collection techniques have ignited public debate about privacy, security and the scope of U.S. government surveillance activities. But legally speaking, the 29-year old, self described high school dropout isn’t really a whistleblower: “Whistleblowers are individuals who have engaged in lawful disclosure,” said R. Scott Oswald, managing principal of The Employment Law Group, a DC-based law firm that represents whistleblowers, including some in the intelligence community. Snowden, however, leaked classified information subject to a court…

House to vote on information-sharing cyber bill


House lawmakers will consider a bill Wednesday that would allow companies and federal agencies to voluntarily share and receive cyber threat information with each other. The Cyber Information Sharing and Protection Act (CISPA) passed the House Permanent Select Committee on Intelligence April 10 and will be introduced on the House floor Wednesday. A vote is expected by Thursday. An earlier version of the bill passed the House last April but lacked additional privacy controls included in the revised bill. Still, that has not satisfied the White House and civil liberties groups who say the bill’s current provisions are insufficient. CISPA…

Report finds thousands of unsecure devices on Army networks


Thousands of rogue Apple, Android and Windows devices found operating on the Army’s network could pose major security risks to sensitive data and Army network operations, according to a recent report. Army commands failed to report more than 14,000 commercial smartphones and tablet computers being used across the service for research activities, data collection, mobile device pilot programs and other tasks, according to the March 26 inspector general report. Army Corps of Engineers, Engineer Research and Development Center in Vicksburg, Miss., and the U.S. Military Academy at West Point, N.Y., were among the locations using unapproved devices. Army officials at…

1 2 3 4