Network Security News

Federal CISOs lack emphasis on internal security breaches

Friday, May 1, 2009

Federal CISOs are most concerned with external attacks on government websites and data security, but lack an appropriate emphasis on the threat of internal security breaches, according to a new report.

Based on a survey of half of federal CISOs, the report by the International Information Systems Security Certification Consortium - referred to as (ISC)2 - found that the government's network security professionals continue to face organizational challenges, including inadequate resources to do the job, undue focus on compliance reporting and unnecessary red tape at the expense of addressing known problems.

Although CISOs are highly motivated, feel they are making some progress and are mostly happy in their roles, the (ISC)2 report said CISOs may underestimate the more serious threat of internal attacks.

Half the CISOs believe the government is "not getting ahead" of the attackers, while the other half believes we "are turning the corner," the survey found.

The report said a compliance culture must be replaced with a risk-management approach to security, yet the CISOs and their overseers in the federal agencies and in Congress have more work to do in educating officials that risks cannot be eliminated, only managed.
ADNFCR-1765-ID-19151117-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now