From securing the cloud to unwrapping new architecture compliance requirements, 2011 was a busy year for the tech public sector. In the New Year's spirit of renewal and rededication, here are 5 resolutions federal agencies should make.
Thousands of data breaches occur as a result of internal information leakage rather than an outside attack. There is a critical need to further educate government personnel on how to keep sensitive information secure. Guest blogger Prenston Gale weighs in with insight on how to achieve this important goal.
"Let's do lunch?" is a phrase many mock; others use it as much as possible to gain invaluable insight from personal experiences and get feedback about present actions and future aspirations. As an intern, I have a limited perspective of the Department of Defense and rely heavily on the guidance of others when contemplating different career ideas, experience opportunities and developmental paths or programs to pursue.
We presently are experiencing intense pressure not to raise the debt ceiling, prophecies about the downfall of government IT, more legislators considering reducing the once-sacred defense budget, and prophecies of gloom and doom relating to government programs in general. Despite this, a number of leaders and real change agents both in government and outside government offer us some real hope and shining examples.
The president and CEO of the USO of Metropolitan Washington encourages everyone to remember our troops and their families as we celebrate our nation's independence.
The Air Force and Arlington County, Virginia, are taking preventative measures against hackers such as the ones that recently attacked Sony, costing them over $170 million. It's not just money at risk for government networks, however.
Individuals, communities, industry, and governments often neglect to plan for secure normal and contingency operations until a disaster strikes. Rather than planning them separately, why not plan normal operations, physical and cyber security, emergency preparedness and disaster recovery, and integrating renewable energy resources? Military and civilian operations on every level and every nation can benefit both before and after an emergency strikes from adopting industry and government best practices and available technologies available around the world today.
Many recognize that our existing organizational and acquisition models can't respond quickly enough to meet the cyber challenge. Why not establish a neutral entity to act as an impartial system integrator that collaborates global efforts and resources to anticipate and defend against our cyber adversaries?
The Military Auxiliary Radio System-MARS-has been a mainstay in military and civilian support communications for decades. Its value as a voluntary civilian entity under the umbrella of the ASD(NII) cannot be understated. But now that the ASD(NII) faces disbanding at the behest of Defense Secretary Gates, what does the future hold? MARS has several potential destinations, but what's the best fit? Where will MARS receive the support it requires to continue flourishing? Share your opinions and ideas here.
Blake Hall is a man on a mission: to help U.S. military personnel use "Web 2.0" Internet technologies to help one another and themselves. Hall's no stranger to demanding missions. A decorated former U.S. Army Captain and Airborne Ranger who led a scout platoon in Iraq, he relates how the first time he ever led a combat mission, his battalion commander laid his hand on his shoulder and said ominously, "Hall, don't screw it up." And based on the overwhelmingly positive, initial response to his and his co-founders' new, veteran-owned web venture, TroopSwap.com, an online community and marketplace for active duty U.S. military, reservists, veterans and their families, that battalion commander would be more than proud.
A different cybersecurity culture needs to be diffused throughout the Defense Department. It will have to view cyberdefenses not as a bandage to be selectively applied to a patchwork of applications. The new cybersecurity must become an inseparable feature of every computer technology that enables our operations.
Defense Department leadership appears to be viewing cyberdefense issues primarily as a matter of policy and strategy that can be fixed incrementally. That is not possible. Cyberdefense deficiencies have became deeply rooted as result of the defective ways in which the Defense Department acquired IT over the past decades. Cyberdefense flaws are inherently enterprise-wide and are mostly not application specific.
Cybersecurity leaks originate from insiders. Unchecked social computing can be the attacker's favorite means for data mining. From the standpoint of our enemies, acquiring easily accessible intelligence from inside sources can be simpler than whatever can be obtained by means of hard work to crack Defense Department barriers.
Guest blogger James Schenck, a U.S. Army veteran and president of the PenFed Foundation, reflects on the military community as we prepare to celebrate our nation's birthday. "This Fourth of July, I ask you to join me in saluting the sacrifices of all veterans who served to defend our nation and remembering their contributions. While the nation reflects on sacrifices of veterans this Independence Day who did not return back from war, I also would like to salute members of the military who sacrificed in other ways."
Migration into a cloud environment by means of virtualization of servers is extremely attractive and has instant paybacks. Compared with other software-intensive improvements, the ability to combine servers in order to increase computer utilization from less than 20 percent to over 70 percent is the most attractive choice in the current environment, when cuts in IT budgets for FY12 and beyond are required by end of this July.
Paul Strassmann offers his insights on network virtualization as an answer to cyber security concerns about the proliferation of things contributing to the "attack surface," such as networks, circuits and computers.
Paul Strassmann continues from last week's "Gentlemen Do Not Open Attachments" with illustrations of how to implement safe social computing using virtual computers.
Two weeks ago, I listened to a U.S. Marine Corps brigadier general plead for a lightweight personal computer that shooters could use at the squad level. All of the talk he heard about net-centric networks was meaningless because network centricity did not reach where it was needed. If the civilians could walk around with BlackBerrys, why couldn't the U.S. Defense Department provide comparable services?