US Customs and Border Protection issued a notice in the Federal Register yesterday which detailed the agency's massive database that keeps risk assessments on every traveler entering or leaving the country. Citizens who are concerned that their information is inaccurate are all but out of luck: the system "may not be accessed under the Privacy Act for the purpose of contesting the content of the record." The system in question is the Automated Targeting System, which is associated with the previously-existing Treasury Enforcement Communications System. TECS was built to screen people and assets that moved in and out of the US, and its database contains more than one billion records that are accessible by more than 30,000 users at 1,800 sites around the country. Customs has adapted parts of the TECS system to its own use and now plans to screen all passengers, inbound and outbound cargo, and ships.
Source: ComputerWorld.com - Posted by Carney Mimms
A legal system rife with outdated laws never designed to cope with such new technologies as VOIP is just one of the worries facing Stephen Treglia, chief of the technology crime unit in the district attorney's office of New York's Nassau County.
Source: Government Computer News - Posted by Eric Lubow
Achieving IT security goals requires more than information technology. It requires a set of metrics to tell you how close you are to reaching your goals. “You get what you measure,” Postal Service IT governance manager James L. Golden said Wednesday at the Federal Information Assurance Conference being held at the University of Maryland. USPS, which has one of the nation’s largest IT infrastructures with 7,000 networked sites and 175,000 users in every corner of the country, uses 130 metrics to track its daily, weekly and monthly security posture, said IT program manager Kenneth Nesper Jr. Doing this requires cooperation throughout the organization, he said.
Source: Federal Computer Week - Posted by Eric Lubow
The Defense Department is unlikely to have any instant messaging scandals similar to the one that embroiled Rep. Mark Foley (R-Fla.). In the armed forces, misuse of online chatting doesn't just run the risk of personal embarrassment; it’s an issue of national security. DOD has a strict IM policy consisting of constant monitoring, prevention of the use of unapproved programs and enforcement of strict discipline when abuses are reported. Army Chief Information Officer Lt. Gen. Steven Boutelle outlined for reporters how the service enforces that policy Oct. 11 at the Association for the U.S. Army conference in Washington, D.C.
Source: ComputerWorld.com - Posted by Carney Mimms
An examination of the e-voting database and its audit logs from the November 2004 general election in Alaska found that changes were made to thedatabase in the months after the votes were tallied, according to the state’s Democratic Party.
The party contends that a study of the electronic voting database, which it obtained a copy of last month after a long battle with the state, revealed that the database had been accessed as recently as this July.
Australia is preparing for cyber-terrorism attacks from "suicide hackers", who will aim to bring down critical infrastructure for a "cause" and not worry about facing 30 years in jail for their actions. So far there have been no major acts of cyber-terrorism -- where hackers take down parts of the critical infrastructure by breaking into power, water, transport or even air traffic control systems -- but the subject has been discussed a great deal. On Tuesday, Colonel Paul Straughair, the director of network centric warfare at the Australian Army and part of the Australian Department of Defence, said he saw "no logical reason" why suicide hackers would not strike in the future.
The Bush administration's cybersecurity chief, who worked under an unusual agreement with a private university that does extensive business with the office he manages, is leaving his job. Donald ``Andy'' Purdy Jr. will step down as acting director of the National Cyber Security Division, part of the Department of Homeland Security. A government spokesman, Jarrod Agen, declined to comment on Purdy's plans, but colleagues circulated an invitation to his farewell party next week. Purdy worked at Homeland Security under a two-year contract with Carnegie Mellon University that expires Oct. 3. Under the contract, the government paid Purdy $245,481 in salary and benefits each year, not including travel reimbursements; Carnegie Mellon paid him an additional $43,320 a year.
Source: Government Computer News - Posted by Eric Lubow
A survey by the National Association of State Chief Information Officers shows that state governments are paying more attention to information security, hiring chief information security officers and giving them defined budgets and enforcement authority. “Security is a hot topic in all the states, we’re all dealing with it,” said Nebraska CIO Brenda Decker in a conference call announcing the survey results.
Chertoff said on Monday that Gregory Garcia, who has been working at a Washington-area trade association, would become the department's first assistant secretary for cybersecurity, with responsibility for advising agencies and the private sector.
The announcement ends a vacancy at Homeland Security that lasted more than 14 months and a wait that drew criticism from members of Congress, who it said demonstrated that Chertoff has not taken the topic seriously.
The Department of Homeland Security has picked a new cyber-security czar. After a yearlong search, the federal government named former ITAA (Information Technology Association of America) vice president Gregory Garcia to be its overseer for cyber-security in the United States.
According to a statement released Sept. 18 by DHS secretary Michael Chertoff, Garcia will brings the "right mix of experience in government and the private sector" to succeed in the role of Assistant Secretary for Cyber Security and Telecommunications.