The Field Report
There are 18,000 banking institutions in the U.S., and somebody has to blog about their breaches, concerns and security successes.
Government Information Security Blogs
Comments (4)
Read All Posts (208)
Mind Boggling Cybersecurity Numbers
December 7, 2009 - Eric Chabrow
For instance, last week, Deputy Defense Secretary William Lynn III, at a two-day conference called Cyberspace at the Cross Roads: The Intersection of Cyber, National and Economic Security, said most of the 90,000 personnel defending the 15,000 military networks are not formally certified in information assurance. Those numbers, 90K and 15K, stand out, don't they?
 |
Just as we need freedom of navigation of the seas, we need freedom of movement  |
Speaking to the gathering, Lynn said to meet cyber threats requires changes to the "three C's" - culture, capability and command.
And, he said, that's behind the creation of a new DoD cyber command as a sub-component of the strategic command. "Just as we need freedom of navigation of the seas," Lynn said, "we need freedom of movement online."
 |
 |
 |
 |
|
 |
The objective of computer security includes protection of information and property from theft, corruption or natural disaster, while allowing the information, custom papers and property to remain accessible and productive to its intended users.
Posted by custom papers on January 11, 2010 @ 11:42 AM
Wow, I was excited to see "culture" listed first among the "three C's" - there is a defined eCulture - "The Business Technology Weave" - and it is defined in the book IT WARS: Managing the Business-Technology Weave in the New Millennium. We make specific parts of the book required reading for all new hires, depending on their roles (both business and IT folks). Google "IT WARS", do a little reading, and never look back.
Posted by johnfranks999 on December 8, 2009 @ 7:06 AM
You could make sure everyone from the janitors and up have a blackbelt in IT security, but as long as the plan for DoD involves piling on more layers of what is already failing, do you really expect to see success?
Posted by Rob Lewis on December 7, 2009 @ 8:38 PM
I remember being similarly shocked when I talked to the Environmental Protection Agency about their computer anti-virus issues in 2003. They were talking about managing 40,000 desktops! What in the world do that many people have to do? At the EPA???
Posted by Stiennon on December 7, 2009 @ 3:00 PM
Latest Tweets & Mentions
Posts By Category
- ACH
- Agencies
- Anti-Money Laundering
- Application Security
- ARRA/HITECH
- Audits Investigations Reports
- Authentication
- Bank Secrecy Act
- Banking Today
- Biometrics
- Budgeting & Funding
- Business Continuity & Disaster Recovery
- CIO Council
- Cloud Computing
- Collaboration & Interagency
- Committees and Testimonies
- Compliance
- Confidence In Banking
- Congress
- Cybersecurity
- Data Loss
- Debit, Credit, Prepaid Cards
- Defense Department
- Electronic Health Records
- Emerging Technology
- Encryption
- Endpoint Security
- Federal Trade Commission
- FISCAM
- FISMA
- Fraud
- GAO
- Governance & Standards
- Governance, Risk & Compliance
- Government Accountability Office
- Gramm-Leach-Bliley Act
- GRC
- Health Information Exchanges
- HIPAA
- Homeland Security Department
- HR
- ID & Access Management
- ID Access & Management
- Identity Theft
- Identity Theft Red Flags Rule
- Incident Response
- Information Security Compliance
- Information Sharing
- Insider
- Insider Threat
- Inspectors General
- Intelligence
- Law Enforcement
- Laws, Regulations & Directives
- Leadership & Management
- Legislation
- Medical Identity Theft
- Messaging
- Mobile & Wireless
- Mobile Banking
- National Security Agency
- Network & Perimeter
- Network/Perimeter
- NIST
- Office of Management & Budget
- Office of Management and Budget
- Pandemic Preparation
- Payments
- PCI DSS
- Phishing
- Physical Security
- Privacy
- Remote Capture
- Risk Assessment
- Risk Management
- Sarbanes-Oxley Act
- Security Leadership
- SIM & SEM
- SIM/SEM
- Skimming
- Social Media
- Staff & Recruitment
- Storage
- Technology
- Training & Education
- Unified Threat Management
- US-CERT
- Vendor Management
- Virtualization
- Web Security
- White House
Authors & Blogs
The Agency Insider
From the FDIC to the NCUA, banking institutions take guidance from myriad government agencies and regulations. Here's where we make sense of it all.
Secure Marketspace
A look into how the security and privacy concerns of consumers and citizens impact institutions and government agencies.
Information Technology Risk Management
Not all risks are created equal. Understand, manage and transfer risks, as necessary. Ignore none.
-
The Public Eye
Keeping tabs on federal government efforts to protect citizens' privacy
-
Industry Insights
Insights and opinions from the thought-leaders who represent the industry’s services and solutions providers.
Career Insights
Insights from advisors, consultants and practitioners who know what it takes to be a successful security professional
The Security Scrutinizer
Keeping an eye on efforts to protect the privacy and security of personal healthcare information
The Fraud Blog
Tracking fraud incidents and trends wherever -- and however -- they occur.
Recent Comments
"I tend to agree with John Gilligan. I recently worked for a DoD agency subject to DoD IG, GAO and all the other..."
Read Post | Jump to Comments"I really do not know what they are talking about. My question is exactly and specifically how do we get the knowledge..."
Read Post | Jump to Comments"I strongly disagree that all certifications provides a "false sense of security/" Infosec Pros/Ethical..."
Read Post | Jump to Comments
