IfG.CC - The Potsdam eGovernment Competence Center

Die USA wollen bis 2007 eine Summe von 903 Mio. Dollar in den Bereich der Computersicherheit investieren. Präsident George W. Bush hat bereits ein entsprechendes Gesetz unterzeichnet, innerhalb der kommenden fünf Jahre soll so das vorhandene Budget fast vervierfacht werden.

According to a report issued by the Government Accountability Office (GAO) today, a number of agencies fell short on recommendations for securing databases, remote access, and mobile devices. All of the agencies received a downgrade in their scores for e-government progress on the President's Management Agenda Scorecard

Tim Young, OMB's associate administrator for e-government and information technology, said at a conference in Falls Church, Va., Tuesday that the consolidation effort has strong support among agencies. He said that the question of whether agencies can share common processes associated with information technology security is meant to spark a dialogue in the IT security community.

The warning comes from the eHealth Vulnerability Reporting Program (eHVRP), a collaborative of health care industry practitioners and technology providers. It was formed last year to assess the security of the nation's electronic health records.

The General Services Administration’s SmartBuy award for securing stored data could provide more value to federal agencies than the potential savings expected from the governmentwide buy. The award, to be officially announced Monday, will provide standard encryption products for federal agencies and state and local governments, which could significantly improve government data security, security experts say.

The annual release of cybersecurity grades are helping to improve U.S. government security, but the law the grades are based on needs to be more specific, U.S. agency chief information security officers said in a survey.

Back then, for example, the only way Treasury Department officials could entice financial institutions to place their orders for government securities online was to use digital certificates and an elaborate public-key infrastructure for securing the transactions.

The E-Health Vulnerability Reporting Program (EHVRP), a nonprofit organization formed in 2006, issued a summary of its findings after a 15-month study assessing the security risks associated with EHR systems.

The panel, which is sponsored by the Health and Human Services Department, aims to identify and harmonize existing information standards so that e-health records can be exchanged among institutions.

In the months following the September 11 attacks on New York and Washington D.C., it was determined the issue of identity verification needed to be addressed. Homeland Security Presidential Directive 12 (HSPD12) established the requirement to verify the identity of all federal employees and issue them a secure identity credential. This has resulted in the issuance of millions of Personal Identity Verification (PIV) credentials.

In a new paper, “Common Risks Impeding the Adequate Protection of Government Information,” OMB and DHS discuss common problems in areas such as training, contracting and records management.

Government agencies face a communications dilemma. On one hand, officials are asked to share more information with other agencies, businesses and citizens. On the other, they are under pressure to boost data protection.

The department has decided to adopt metallic shields and is seriously considering “basic access control” as a further means of preventing the skimming of personal data stored on a passport’s chip.

One form of basic access control under consideration is to imprint data on a passport’s machine-readable zone. The data would exchange an algorithm with a reader at the border station, which in turn would unlock the chip embedded in the passport.

Government auditors certified and accredited 77% of the federal government's 8,623 IT systems after undergoing risk assessments and security-control testing last fiscal year, up from 62% in fiscal year 2003, according to a White House report to Congress made public Friday.

As Wichita health care providers move toward paperless work environments, the security of private data is paramount to successful systems.

Yet electronic health records are surprisingly easy to hack into and are vulnerable to exploitation, according to a study by the eHealth Vulnerability Reporting Program.

Wie der für Aufklärung bei der US-Armee zuständige Generalleutnant Robert Noonan auf der jährlichen Tagung von Old Crows über "Combating Terrorism: What's changing in Electronic Warfare and Information Operations" erklärte, wurden die mit dem Internet verbundenen Netzwerke des Pentagon im letzten Jahr 14.500 Mal angegriffen. Bei 70 Versuchen soll es den Angreifern gelungen sein, auch in das Netz einzudringen, Schaden hätten aber nur drei Vorfälle angerichtet.