The departments of Energy and Homeland Security haven’t defined “supply chain protection measures” for their information technology systems, the Government Accountability Office said in a report (http://xrl.us/bmy9xo) Friday. The agencies also are “not in a position to have implementing procedures or monitoring capabilities to verify compliance with and effectiveness of any such measures,” the report said. GAO identified as risks installation of “malicious logic” on hardware or software, installation of counterfeits, failure or disruption in the production or distribution of a “critical” product or service, reliance on “malicious or unqualified” service providers, and installation of “unintentional vulnerabilities.” Among other national security-related departments, Justice has identified protection measures but has no monitoring capabilities. “Until comprehensive policies, procedures, and monitoring capabilities are developed, documented, and implemented, it is more likely that these national security-related departments will rely on security measures that are inadequate, ineffective, or inefficient to manage emergent information technology supply chain risks,” the report said. The Defense Department was the only one of the four to have “made great progress” through an “incremental approach” to supply-chain risk management, by defining protection measures and procedures for monitoring them. None of the four has “determined or tracked the extent to which their telecommunications networks contain foreign-developed equipment, software, or services,” which isn’t required by law and which officials say would “provide minimal security value relative to cost,” GAO said. The report was requested by Senate Homeland Security and Governmental Affairs Committee Ranking Member Susan Collins, R-Maine, and Government Information Subcommittee Chairman Tom Carper, D-Del.; Senate Commerce Committee Ranking Member Kay Bailey Hutchison, R-Texas; Senate Crime and Terrorism Subcommittee Chairman Jon Kyl, R-Ariz.; Sen. Kirsten Gillibrand, D-N.Y.; and House Commerce Committee Chairman Fred Upton, R-Mich.
The National Emergency Number Association is still working with its members on the challenges public safety answering points face should the FCC mandate text messaging-to-911, CEO Brian Fontes said in a meeting with FCC officials. “We explained that some PSAP equipment such as log recorders may require upgrades in order to handle SMS text, depending on a particular PSAP’s posture with respect to NG911 readiness,” NENA said in a filing (http://xrl.us/bmy435).
The e-commerce industry is taking steps toward increasing mobile payments, but some measures concerning security, accessibility and system implementation must be put in place, lawmakers and mobile payment advocates said Thursday. Players in the mobile landscape must “make sure our financial structure is prepared to enter the new world of mobile banking,” said Financial Institutions and Consumer Credit Subcommittee Chairman Shelley Capito, R-W.Va. “Some aspects [of mobile payments] have been with us and some are in the beginning stages.” Government and industry must make sure that the payments are safe and secure, she told a hearing.
The e-commerce industry is taking steps toward increasing mobile payments, but some measures concerning security, accessibility and system implementation must be put in place, lawmakers and mobile payment advocates said Thursday. Players in the mobile landscape must “make sure our financial structure is prepared to enter the new world of mobile banking,” said Rep. Shelley Capito, R-W.Va., chairman of the House Financial Services Committee’s Financial Institutions and Consumer Credit Subcommittee. “Some aspects [of mobile payments] have been with us and some are in the beginning stages.” Government and industry must make sure that the payments are safe and secure, she told a hearing titled “The Future of Money."
An FCC advisory panel is the latest entity to back text-to-speech emergency alert system warnings (CD March 14 p8). All levels of government can trigger EAS in a format that starts June 30 without sending audio files that take bandwidth and time for broadcasters and pay-TV operators to download, the Communications Security, Reliability and Interoperability Council said. It voted unanimously Thursday to recommend the commission rework an order on the new Common Alerting Protocol format to OK text to speech.
Lawmakers lauded the Department of Homeland Security’s increase in cybersecurity funding, during a Senate Homeland Security and Governmental Affairs Committee budget hearing Wednesday. The president’s budget request includes a 74 percent increase in the department’s cybersecurity budget, for a total request of $770 million for cybersecurity in fiscal year 2013. The administration’s total fiscal year 2013 request for the department is $39.5 billion in net discretionary spending, a 0.5 percent decrease from the year prior.
The FCC wants to know if 19-year-old procedures need updating for how the agency processes pay-TV complaints that a rival withheld a channel. A rulemaking notice released late Tuesday -- in time to avoid a vote at Wednesday’s commissioner meeting (CD March 21 p17) -- asked how or whether to consider allegations of volume discounts or across-the-board cost hikes for programming meant to price all but programming the cable operator owns out of the market. The item contained a few proposals. It recommended a 45-day period for various types of anti-exclusivity complaints made under the 1992 Cable Act to be answered, and to the extent types of programming like regional sports networks (RSN) can’t be withheld, the HD version must be provided to a multichannel video programming distributor.
The federal cyberdefense workforce is losing its best and brightest talent to the private sector because the government can’t afford to keep them, said Defense Department cybersecurity officials at a Senate Armed Services’ Emerging Threats and Capabilities Subcommittee hearing Tuesday.
The following are trade-related highlights of the Executive Communications sent to Congress for March 16, 2012:
The following are trade-related highlights of the Executive Communications sent to Congress for March 15, 2012: