What: Federal Network Security Survey Report.
Why: The more complex and connected networks become, the more vulnerable they are to attacks. But not all agencies are taking the necessary measures to ensure their in-transit data is secure, especially when it comes to encryption. While prevention of cyber attacks was rated the highest priority among agencies surveyed (among other categories that included identifying attacks and remediation), only 26 percent of respondents believed their data was fully protected.
Although encryption of data on networks is important to 95 percent of the agency respondents, just 76 percent said their agency encrypts its data, with 62 percent focusing on SSL encryption, which may not adequately protect Secret and Top Secret inflight datasets.
Budget constraints, limited resources, complexity and impact on network performance are top challenges agencies cited in protecting data on the network.
The study recommends that agencies select a data protection solution that is simple to implement and maintain, does not increase costs, protects various types of data and can handle current and future connection speeds.
Verbatim: “Despite the priority agencies place on security and prevention, the study results show there is no place within the enterprise where data is fully protected to prevent cyberattacks. It is critical to ensure your encryption strategy expands as your enterprise grows to accommodate additional users and networking services.”
The Federal Network Security Survey Report was commissioned by Brocade and conducted by Market Connections. Read it here.
Posted on Apr 29, 2015 at 7:45 AM0 comments
Finding information on local air quality may soon be as easy as a walk in the park. The Environmental Protection Agency announced five cities will be getting Village Green solar-powered air monitoring stations to install in parks and community centers.
The stations use air sensors, miniaturized and low-power computer technology, solar panels and recycled materials to measure common air pollutants and weather conditions. The data is wirelessly transmitted from the stations by cellular modem, quality-checked and then posted online.
The new project aims to increase citizen participation and understanding of local air quality. “The project puts science into the hands of citizens, allowing them to access local air quality information from the benches through on-site displays and a mobile-friendly website,” EPA said.
The real-time data measured by the stations can be used by citizen scientists, students, community organizations and researchers to understand air quality and how events such as weather changes or nearby sources of air pollution can change local conditions. “These new solar-powered, air monitoring park benches provide minute-by-minute data that can help citizens better understand air quality,” EPA Administrator Gina McCarthy said.
The five new monitoring stations will be installed at:
- Independence National Historical Park in Philadelphia;
- The children’s area at the National Zoo in Washington, D.C.;
- The Children’s Garden of the Myriad Botanical Gardens in Oklahoma City;
- Outside the new Kansas City South Branch Library; and
- Outside the Connecticut Science Center in Harford.
A pilot station at South Regional Library in Durham County, N.C., has been operating since June 2013, providing reliable readings every minute on particulate matter, ozone, wind speed and direction, temperature and humidity. The data is automatically streamed to the Village Green Project web page.
The Durham station has been a gathering place for the local community to learn about air quality and has allowed agency researchers to assess how the technology performed, the EPA said. Additionally, the agency is developing a detailed design package for use by anyone who is interested in building a station.
Posted on Apr 27, 2015 at 1:55 PM0 comments
For four days in mid-April, teams from service academies in the United States and Canada competed in the 15th annual Cyber Defense Exercise – a contest in which cadets design and build computer networks and then and defend them against intrusions by the National Security Agency and Canada's Central Security Services. When the April 13-17 exercise was complete, the U.S. Naval Academy emerged as the winner, capturing its third trophy since the contest began in 2001.
The other teams hailed from the U.S. Air Force Academy, U.S. Coast Guard Academy, U.S. Merchant Marine Academy, U.S. Military Academy and the Royal Military College of Canada. NSA's Information Assurance Directorate sponsored the event, which was hosted by the Parsons Group, a technology engineering services firm.
The exercise ran on a virtual private network to prevent any interference with real, working networks. Cybersecurity specialists graded teams’ ability to “effectively maintain network services while detecting, responding to and recovering from network security intrusions or compromises.”
"CDX is a competition singular in its scope, its execution and in training opportunities," the NSA's Alex Gates said in an announcement of the Naval Academy's win. The students "are able to put theory into practice. CDX provides insights and awareness that simply can't be obtained from traditional classroom instruction."
Posted on Apr 23, 2015 at 10:13 AM0 comments
When the General Services Administration's 18F unveiled the Analytics.USA.gov dashboard for federal website traffic, it also posted the code on GitHub. Now the Philadelphia city government has put that open-source project to use for its own sites with analytics.phila.gov.
In an April 20 blog post announcing the launch, City of Philadelphia Data Scientist Lauren Ancona called the new site a "first attempt to capture a 'big picture' website report card in Philadelphia, and it’s still a rough draft. There are currently almost 30 offices or agencies included in the reporting, with around 25 still to add, as well as several non-phila.gov domains."
The dashboard relies on Google analytics, and is a static website that, for the federal-government version, lives in Amazon S3 cloud storage and is served up via Amazon Cloudfront. 18F published an explanation of the project's technical underpinnings in March.
Posted on Apr 22, 2015 at 8:00 AM0 comments
The Army is making plans for a cloud-based fully immersive training environment that aims to make soldiers’ time in the field more productive and meaningful.
"The next capability will be a leader-focused, soldier-centric capability that immerses a soldier, wherever they are at the point of training, in a synthetic environment, that allows us to tailor that environment to the demands of the leader," Col. David S. Cannon of the Combined Arms Center said. Officials expect those next-gen tools to be introduced between 2023 and 2031, Defense Systems reported.
Cannon envisions the use of 3D goggles that that will realistically and cost-effectively replicate real-life scenarios, such as assembling and disassembling weapons systems for soldiers, no matter their location. The virtual training will be a “cloud-based, network-delivered, device-oriented capability that is borne on the mission command information network," he said.
The military as a whole has embraced virtual training tools as a means of more efficient training. The Army’s Future Holistic Training Environment-Live Synthetic, or “Live Synth” encompasses several realistic battlespace scenarios and computer modeled simulations that include training with small arms, armored vehicle and aircraft. The Office of Navy Research’s video game-based training tool Strike Group Defender allows sailors to train in a risk-free environment, offering feedback on performance in deploying electronic mechanisms to either avoid incoming missiles or offensively shoot them down.
Posted on Apr 15, 2015 at 8:27 AM0 comments