IT professionals continue to cite security concerns as one of the largest barriers to cloud migration. Uniform government standards specific to cloud computing have yet to be finalized, leaving important questions regarding data availability and integrity unanswered. SafeGov.org aims to provoke discussion related to these concerns as well as raise awareness of the ways in which cloud computing could ultimately strengthen existing security measures.
Ron Miller, TechCrunch, Thursday, September 18, 2014
Financial institutions crave cloud scalability, but have been reluctant to jump on the cloud bandwagon because of security concerns. In particular, they have been hesitant to expose their precious SSL keys to the open internet. The key identifies them as a financial institution and lets the other party know they can accept or send funds. As you can imagine, they don’t ever want this information escaping their control. CloudFlare, a company that is trying to move all of the traditional networking hardware you typically have in an on-premises data center into the cloud, figured out how to let financial institutions have have it both ways.
Wednesday, September 17, 2014
From checking email to editing presentations on the fly, more federal employees are using mobile devices as part of their job. But technology policymakers at federal agencies, by and large, are still playing catch-up. But it hasn’t proven to be the last word on either protecting government-owned or private employee data. Among the lingering questions remaining to be answered: How can the government secure itself against the proliferation of devices and apps? And how will federal employees’ personal information stored on such platforms be protected?
Ram Lakshminarayanan, ZDNet, Tuesday, September 16, 2014
Organisational pressure to reduce costs and optimise operations has led many enterprises to investigate cloud computing as a viable alternative to create dynamic, rapidly provisioned resources powering application and storage platforms. Despite potential savings in infrastructure costs and improved business flexibility, security is still the greatest barrier to implementing cloud initiatives for many companies. Information security professionals need to review a staggering array of security considerations when evaluating the risks of cloud computing.
The Chertoff Group
Monday, April 28, 2014
The explosion of smartphones and their apps has improved lives in many ways: greater convenience, more information, and far less boredom, to name a few. But the dangers of apps are beginning to get more attention. Apps access massive amounts of personal data, but they lag far behind other technologies when it comes to protection of privacy and data security.
The Chertoff Group
Wednesday, March 26, 2014
In 2012, the American cybersecurity company, Mandiant (now owned by FireEye) released a report tracking an extensive, comprehensive cybersecurity threat from China. It gave the Chinese program the name “APT-1,” where APT stands for Advanced Persistent Threat. APT was as accurate a characterization as one could imagine – the techniques used by the Chinese where highly sophisticated and advanced, and they were determined and continuous.
The Chertoff Group
Monday, March 24, 2014
Edward Snowden’s leaks about National Security Agency surveillance practices have had a profound effect on the U.S. cloud computing industry. Experts disagree on the long-term harm to U.S. companies, but recent projections are for $22 billion or more in lost revenue over the next three years. The harm comes largely from backlash over the perceived complicity of U.S. technology companies with NSA operations. That U.S. companies will suffer harm this significant as a result of U.S. government activities raises important questions about U.S. decision-making. In particular, have economic issues, including the competitiveness of U.S. industry and the health of the Internet economy received enough attention in decisions about surveillance? The answer appears to be no.
Monday, March 17, 2014
Cyber Security is a tough situation. You have to protect your digital assets. It isn’t in your organization’s best interest to leave things open and at risk. On the other hand, your end users are pushing for more and more capabilities and access to more and more resources from more and more locations.
Jason Miller, Federal News Radio, Thursday, January 23, 2014
In the rush to the cloud over the last three years, most agencies have tempered their desires and excitement because of security concerns. Agency chief information officers have struggled to satisfactorily answer a number of questions regarding data ownership and protection, and how do the existing cross-agency cyber initiatives fit into the cloud structure.
Rutrell Yasin, Government Computer News, Wednesday, January 22, 2014
An IT industry group led by former Office of Management and Budget e-government administrator Karen Evans says it’s time for the federal government to interconnect the three major IT initiatives it has been driving along largely separate tracks for the last decade: cloud, cybersecurity and mobile computing.
Amber Corrin, Federal Computer Week, Wednesday, January 22, 2014
Most government agencies are embracing the benefits of cloud computing, a mobile workforce and cybersecurity measures to protect critical networks and assets. But in many cases it has been a struggle just to get to that point, and hurdles remain as different approaches present a fragmented federal IT security picture.