Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Daily Archives: June 26, 2015

GAO Report – Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies

Cybersecurity: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies, GAO-15-725T: Published: Jun 24, 2015. Publicly Released: Jun 24, 2015

“GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity, including the following:

  • Designing and implementing a risk-based cybersecurity program.
  • Enhancing oversight of contractors providing IT services.
  • Improving security incident response activities.
  • Responding to breaches of personal information.
  • Implementing cybersecurity programs at small agencies.

Until federal agencies take actions to address these challenges—including implementing the hundreds of recommendations GAO and agency inspectors general have made—federal systems and information, including sensitive personal information, will be at an increased risk of compromise from cyber-based attacks and other threats. In an effort to bolster cybersecurity across the federal government, several government-wide initiatives, spearheaded by the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB), are under way. These include the following:

  • Personal Identity Verification: In 2004, the President directed the establishment of a government-wide standard for secure and reliable forms of ID for federal employees and contractor personnel who access government facilities and systems. Subsequently, OMB directed agencies to issue personal identity verification credentials to control access to federal facilities and systems. OMB recently reported that only 41 percent of user accounts at 23 civilian agencies had required these credentials for accessing agency systems.
  • Continuous Diagnostics and Mitigation: DHS, in collaboration with the General Services Administration, has established a government-wide contract for agencies to purchase tools that are intended to identify cybersecurity risks on an ongoing basis. These tools can support agencies’ efforts to monitor their networks for security vulnerabilities and generate prioritized alerts to enable agency staff to mitigate the most critical weaknesses. The Department of State adopted a continuous monitoring program, and in 2011 GAO reported on the benefits of the program and challenges the department faced in implementing its approach.
  • National Cybersecurity Protection System (NCPS): This system, also referred to as EINSTEIN, is to include capabilities for monitoring network traffic and detecting and preventing intrusions, among other things. GAO has ongoing work reviewing the implementation of NCPS, and preliminary observations indicate that implementation of the intrusion detection and prevention capabilities may be limited and DHS appears to have not fully defined requirements for future capabilities.

While these initiatives are intended to improve security, no single technology or tool is sufficient to protect against all cyber threats. Rather, agencies need to employ a multi-layered, “defense in depth” approach to security that includes well-trained personnel, effective and consistently applied processes, and appropriate technologies.”

GAO Reports – Accessible Communications, Bank Regulation, Chemical and Biological Defense, Combating Terrorism, DHS IT Contracting

Accessible Communications: FCC Should Evaluate the Effectiveness of Its Public Outreach Efforts, GAO-15-574: Published: Jun 25, 2015. Publicly Released: Jun 25, 2015. Bank Regulation: Lessons Learned and a Framework for Monitoring Emerging Risks and Regulatory Response, GAO-15-365: Published: Jun 25, 2015. Publicly Released: Jun 25, 2015. Chemical and Biological Defense: Designated Entity Needed to Identify,… Continue Reading

Americans’ Internet Access: 2000-2015

Pew – As internet use nears saturation for some groups, a look at patterns of adoption:”A new analysis of 15 years-worth of data highlights several key trends: For some groups, especially young adults, those with high levels of education, and those in more affluent households, internet penetration is at full saturation levels. For other groups,… Continue Reading

Report documents extensive drought in western states

Follow up to previous posting – California Curtails Senior Water Rights via ProPublica –  California’s Drought Is Part of a Much Bigger Water Crisis. Here’s What You Need to Know, by Abrahm Lustgarten, Lauren Kirchner and Amanda Zamora. June 25, 2015. “Why do I keep hearing about the California drought, if it’s the Colorado River… Continue Reading

HHS OIG Reports Fraud Abuse in Cost of Drugs Under Medicare

HHS OIG Data Brief • June 2015 • OEI-02-15-00190. Questionable Billing and Geographic Hotspots Point to Potential Fraud and Abuse in Medicare Part D: “More than 1,400 pharmacies had questionable billing for Part D drugs in 2014 A total of 1,432 retail pharmacies billed extremely high amounts for at least one of the five measures… Continue Reading

CFPB consumer complaint database

“[June 25, 2015] the Consumer Financial Protection Bureau (CFPB) [went] live with an enhanced public-facing consumer complaint database. It includes for the first time over 7,700 consumer accounts of problems they are facing with financial companies concerning mortgages, bank accounts, credit cards, debt collection, and more. The CFPB is also publishing a Request for Information… Continue Reading

Job Opening – New Librarian of Congress

The Atlantic – Robinson Meyer: Experts say that a new librarian should digitize more works, raise more money—and use email. “The current librarian, James Billington, has held the title since his appointment by President Reagan in 1987. Though named by the president and confirmed by the Senate, the Librarian doesn’t change with every new White… Continue Reading

2014 Country Reports on Human Rights Practices

“On June 25, 2015, Secretary Kerry submitted the 2014 Country Reports on Human Rights Practices (commonly known as the Human Rights Reports) to the U.S. Congress.  The reports, now in their 39th year, are available at State.gov/humanrightsreports and HumanRights.gov/reports.  Mandated by Congress, the Human Rights Reports help inform U.S. government policy and foreign assistance.  They… Continue Reading

Paper – The Oligopoly of Academic Publishers in Digital Era

PLOS ONE Open Access – “The consolidation of the scientific publishing industry has been the topic of much debate within and outside the scientific community, especially in relation to major publishers’ high profit margins. However, the share of scientific output published in the journals of these major publishers, as well as its evolution over time… Continue Reading