Language Selection

English French German Italian Portuguese Spanish

DHS cybersecurity plans need more work

Filed under
Security

The U.S. Department of Homeland Security must do more to protect the nation's critical information infrastructure, according to a report released today by the Government Accountability Office.

While the agency has begun efforts to fulfill its cybersecurity duties, "it has not fully addressed any of the 13 [primary] responsibilities, and much needs to be done," the GAO said.

Those responsibilities include developing a national plan for critical infrastructure protection that includes cybersecurity; developing partnerships and coordinating efforts with other federal agencies, state and local governments and the private sector; improving public/private sharing of information on cyberattacks, threats and vulnerabilities; and developing and improving national cyberanalysis and warning capabilities.

The DHS has already established the U.S. Computer Emergency Readiness Team (U.S. CERT) as a public/private partnership to make cybersecurity a coordinated national effort, the GAO said. And it has established forums designed to build trust and information sharing among federal officials with information security responsibilities and law enforcement entities.

But it has not yet developed national cyberthreat and vulnerability assessments or contingency plans for cybersecurity -- including a plan for recovering key Internet functions, the GAO said.

The report prompted members of Congress to call on the DHS to get moving.

Full Story.

More in Tux Machines

Linux 4.0-rc2

So rc2 missed the usual Sunday afternoon timing, because I spent most of the weekend debugging an issue that happened on an old Mac Mini I have around, and I hate making even early -rc releases with problems on machines that I have direct access to. Even if it only affected old machines that actual developers are unlikely to have or at least use. Today I got the patch from Daniel Vetter to fix it, so instead of doing a Sunday evening rc2, it's a Tuesday morning one. Go get it. It works better for the delay. Other than that little one-liner i915 fix? Not much, actually. It's been a very quiet week, for being this early in the release process. Sure, 3.19-rc2 was even smaller, so it continues a trend, but that was the xmas week. I hope this low volume is just because the 4.0 merge window itself was somewhat calmer than most recent releases. But I suspect the real reason is that the driver and networking trees from GregKH and davem are pending, and didn't make rc2. We'll see. Anyway, the shortlog is appended, and testing is appreciated, Linus Read more

6 Linux-y announcements from Mobile World Congress

I earlier wrote about how Linux invaded CES 2015. The domination continues at Mobile World Congress, which kicked off this week in Barcelona. Here are some of the major announcements from MWC that show that Linux has become an unstoppable force. Read more

Jolla shows off Sailfish tablet, promises ultra-secure phone

Jolla released Sailfish OS 2.0, showed off the first tablet to run the OS, and announced plans with SSH to develop a security-hardened version of Sailfish. Read more

New Ubuntu Phone Separates the App from the Data

As CIO Journal has noted, Mr. Shuttleworth envisions the rise of an Ubuntu-powered phone that runs desktop grade applications and plugs into peripherals such as large displays and keyboards. In other words, he is working to achieve true mobile-desktop-laptop convergence — the only computer you need, in your pocket, all the time. He tried to raise $32 million to fund development of such a phone, known as the Edge, in a widely publicized crowdfunding campaign on Indiegogo. The campaign ended in 2013, short of its goal. Read more