Verizon breach report: healthcare behind curve

Erin McCann, Government Health IT,  Wednesday, April 23, 2014

The healthcare industry needs to start doing a few things differently when it comes to privacy and security -- one of them being: Start taking it seriously. This, according to Verizon's annual breach report released today.

GSA Has a New Plan for Cloud Providers Navigating Changing Security Standards

Frank Konkel, Nextgov,  Tuesday, April 22, 2014

The General Services Administration released a transition plan on Tuesday that provides guidance to cloud computing service providers that will have to adhere to new baseline security standards slated for release in June.

Open data or privacy breach?

Phil Wainewright, diginomica,  Tuesday, April 22, 2014

The trouble with big data is that the most useful kind comes from aggregating lots of data about individuals — you and I. As the UK’s national tax agency, HMRC, discovered over the holiday weekend, that often makes it difficult to do the right thing. There was outcry as HRMC plans emerged “to release anonymous tax data to third parties including companies, researchers and public bodies.”

FTC in position to enforce data stewardship standards among cloud providers, says paper

David Perera, FierceGovernmentIT,  Sunday, April 20, 2014

Enforcement actions by the Federal Trade Commission have laid a foundation for establishment of data stewardship standards controlling cloud services that involve processing personal data, say two academics.

You don't have to be a conspiracy theorist to find Google alarming

Mathias Döpfner, The Guardian,  Friday, April 18, 2014

Its colossal power has worrying implications not only for the health of Europe's digital economy, but for the individual freedom of citizens.

NIST cybersecurity framework analysis: Putting it to good use

Ernie Hayden,,  Friday, April 18, 2014

The NIST cybersecurity framework was successfully delivered to critical infrastructure providers and the public in February of this year, but questions linger as to the content of the framework and just how it can be used to improve security programs. In this tip, we'll walk through the basics of the framework, advise on the best ways to get started implementing it and explain just how it differs from other security standards.

Data encryption, notification and the NIST Cybersecurity Framework

Kathleen Richards, Information Security,  Friday, April 18, 2014

The Framework for Improving Critical Infrastructure Cybersecurity, newly released by the U.S. Commerce Department's National Institute of Standards and Technology (NIST), got tremendous play a year ago at the RSA Conference in San Francisco. Even though NIST is a non-regulatory federal agency, a capacity crowd attended former head of Homeland Security Michael Chertoff's talk during the "Special Forum on Cybersecurity: New Directions from the White House" session at the annual security confab.

The Benefits and Dangers of Choosing Cloud-Based File Sharing

David Hutchins, State Tech,  Thursday, April 17, 2014

At every level of government, there’s an emphasis on collaboration and teamwork. Simultaneously, cloud computing has driven the continued consumerization of technology into the realm of personal storage and file sharing.

Agencies make FOIA gains, but critics say it’s not enough

Dibya Sarkar, GCN,  Wednesday, April 16, 2014

Federal agencies are expanding their use of technology - from social media broadcasts that highlight new information to records management systems for easier searching - in an effort to become more transparent and effective in meeting a rising number of FOIA requests every year.

Privacy could 'crash' big data if not done right

Ashley Gold, FierceHealthIT,  Tuesday, April 15, 2014

Privacy has the potential to crash big data before there's a chance to get it right, and finding the right balance is key to future success, experts argued at a Princeton University event earlier this month.