nextgov

Maybe it's time the Secret Service starts cracking down on the computer security of presidential candidates, in addition to their physical security, some private cyber investigators say, after a leak of Democratic party files right before the nomination of Hillary Clinton for president. "When you are running for president up and through [Republican National Committee] and DNC conventions, there are a lot of physical protections put in place for the potential president, however, on the cyber side we have not caught up in that world yet," said Tony Cole, global government chief technology officer for cyber forensics firm FireEye.

The Secret Service, in most situations, "does not secure the computer systems" of political organizations, nor does it "secure the computer systems of individuals, to include protectees," like major presidential candidates, according to a legal summary from the Secret Service. That said, Secret Service spokeswoman Nicole Mainor said that the agency "plays a significant law enforcement role in ensuring that candidates are aware of a range of vulnerabilities – ranging from physical protection to cybersecurity." She added, "The Secret Service continues to work vigorously with our local, state and federal partners to prevent and detect cyberthreats against the homeland, to include those against presidential candidates and their campaigns.”

Public spending on sensor technology might be up, but Internet of things enthusiasts shouldn’t get too excited about a futuristic, hyperconnected government. Without top-down strategies for using networks of devices and embedded sensors, federal adoption “will likely remain low,” a new report from the Center for Data Innovation suggests.

Other barriers include a lack of funding and general risk aversion in government buying. The technology is slowly gaining traction in the federal market — the government spent $8.8 billion on the Internet of things in fiscal 2015, up 20 percent from fiscal 2014, according to a report from big data and analytics firm Govini. It has also garnered congressional attention: A bipartisan group of senators last year passed a resolution calling for a national strategy for the internet of things that would outline how it could boost the domestic economy. But no federal agencies have their own broad plans for using that network, according to a report compiled by the Center for Data Innovation, a division of Washington think tank the Information Technology and Innovation Foundation. No agency, CDI found, "addresses how it will use the Internet of things in its strategic plan.”

Kevin Counihan has been named the first CEO of Healthcare.gov, which serves residents of states that opted not to create their own online insurance marketplaces.

Counihan was CEO of Connecticut’s health insurance exchange, which is one of the most successful state marketplaces and the first to exceed enrollment goals laid out in the health care law.

In his new role, Counihan will manage relationships with state exchanges and run an oversight center, HHS said. He will report to Marilyn Tavenner, the administrator of the Centers for Medicare and Medicaid Services, which oversees HealthCare.gov.

US courts are moving forward with a plan federal agencies say is needed to track down potential terrorists hiding out on the Internet but privacy advocates say would give the FBI wide latitude to hack into people's computers.

Two adjustments to the US Courts Committee on Rules of Practice and Procedure’s draft of search and seizure changes would expand the scope of the government's offensive cyber techniques. The public has until Feb 17, 2015, to weigh in.

Nuclear Regulatory Commission computers within the past three years were successfully hacked by foreigners twice and also by an unidentifiable individual, according to an internal investigation.

Phishing e-mails baited personnel by asking them to verify their user accounts by clicking a link and logging in.

Two bills to strengthen cybersecurity in the systems that underlie the nation’s energy, water and food supplies passed the House, along with a measure to improve the federal government's cyber workforce.

A bill (H.R. 3696) introduced by Rep Michael McCaul (R-TX) seeks to strengthen the Department of Homeland Security's ability to protect 16 critical sectors -- including defense, health, energy and food -- by establishing partnerships with the private sector and enhancing programs already in place.

Other legislation passed by the House included a bill (H.R. 2952) introduced by Rep Patrick Meehan (R-PA) to improve critical-infrastructure security technology and a bill (H.R. 3107) from Rep Yvette Clarke (D-NY) to bolster DHS’ cyber workforce.

Despite moves by the Obama Administration toward digital transparency and open data, the US government now ranks seventh worldwide in e-government, down two spots since 2012, according to a United Nations report on the matter.

Just released, the E-Government for the Future We Want report contrasted the 185 United Nations members by the E-Government Development Index. The EGDI is made up by three components of e-government: online service index, human capital index, and information and communications technology. South Korea ranked first, with Australia, Singapore, France and the Netherlands rounding out the top five.

In a section noting mobile use, the report lauded the Obama Administration for its open data prioritization and its use of apps in delivering services to citizens in its digital government plan.

Regionally, Europe led the rankings with 16 of the 25 nations in the "Very High EGDI" category and a regional EGDI average of 0.69. The US and Canada were the only two nations from the Americas in that category. The Americas region's average EGDI came in at 0.51.

The Defense Information Systems Agency announced it would like a discount on its future purchases of mobile applications, as it kicked off the process to evaluate next-generation smartphones and tablet computers.

DISA’s Mobility Project Office asked vendors to provide it with information needed to evolve its mobile application strategy. On June 27, 2013, the agency awarded a $16 million contract to Digital Management to securely manage mobile devices and set up a mobile app store.

DISA said it needs industry help because of the way apps are developed and deployed in the commercially driven environment. The Mobility Project Office put price first in its request for information to industry, asking, “What are industry best practice for purchasing enterprise applications at reduced rates to support Android, Apple, Blackberry, and Windows Mobile Operating Systems?”

Attracting, retaining and developing key IT talent remains the top challenge among federal chief information officers and chief information security officers, according to a new survey.

The survey of 59 federal CIOs, CISOs, information resource management officials and congressional oversight committee staff by TechAmerica and Grant Thornton, found that 52 percent of respondents indicated that IT workforce issues -- training, recruitment and retention -- remains their biggest challenge. In fact, one respondent said they were “five years behind in terms of talent.”

The way to handle a cyber threat is not by harnessing the enormous amounts of data the United States collects on similar hacks, according to an unlikely source -- a former US intelligence cyber chief.

It’s too much information and inefficient to analyze.

"I hate the wisdom of crowds. That is BS. Does not exist," said Roger Hockenberry, former chief technology officer for the National Clandestine Service. "It creates this immense opportunity when you have tons of data to look at and research, but at the same time, we have tons of data that we need to look at and research."

The quality of data and automation has not matured to the point where feeding information to machines can stop an assault, he said. Still, some current Homeland Security Department officials stressed the need to at least automate data feeds about breaches -- something organizations that are hit by hackers are often reticent about.

"What it really comes down to is your CERT," or computer emergency response team, said Hockenberry, who also served as a CIA chief for cyber solutions. "All the companies that I see have a very nascent ability to automate response to any kind of attack. It’s still a manual process."