Planning, technology and messaging are critical in preparing for a pandemic, panelists said Thursday at an FCC summit on the subject. Expanding telecom infrastructure like broadband networks will be crucial to dealing with a pandemic, officials said. But officials foresee challenges in keeping networks working during emergencies.
Mobile devices have been brought to college classrooms to further educational goals, educators said. Operators and vendors see higher education as a promising market, they said. But “digital cheating” and security issues were on the rise too, said safety expert Ken Trump, CEO of National School Safety and Security Services. Most K-12 schools have banned cellphone use in class, Trump said.
A bill to update the Federal Information Security Management Act, enacted in 2002, didn’t move Wednesday in the Senate Homeland Security and Governmental Affairs Committee, which lacked a quorum. But the six senators who showed up defeated an amendment by Tom Coburn, R-Okla., that would have stripped a provision creating a new council of agency chief information security officers. Sponsor Tom Carper, D-Del., said a string of breaches at U.S. agencies, hacking attempts by foreign states and even “pranksters who are trying to create some mischief” demand a FISMA update. “What we did then was frankly not successful and not sufficient,” since many agencies now can’t even say what data they hold, he said: “Those of us here in Congress have little idea whether our work [in 2002] has made agencies any more secure.” S- 3474, also titled FISMA, would require agencies to designate chief information security officers, or CISOs, barred from serving simultaneously as chief information officers. CIOs and CISOs would report jointly on network security in quarterly filings to the U.S. Computer Emergency Readiness Team at the Department of Homeland Security. The bill would authorize CISOs to deny network access to users not following security policies. The bill would create a CISO Council, similar to the existing CIO Council, also including representatives from OMB, Office of the Director of National Intelligence, each military branch, US-CERT, U.S. Strategic Command and other relevant agencies. The council would be led by the National Cyber Security Center and OMB. DHS would have to evaluate each agency’s network security, reporting yearly to Congress on their performance. OMB and the National Institute of Standards and Technology would have to issue network-security regulations applying to any entity contracting with federal agencies. The CISO council provision is duplicative, Coburn said: “Creating another council means that we're not going to hold the council we have now accountable.” Agencies already can create CISO positions or a new council, though OMB has said a CISO Council isn’t necessary, he added: “What we ought to be saying is ‘Do your job.'” Carper said CIOs’ duties, such as procurement and IT workforce improvement, differ dramatically from those of CISOs. Previously, as Delaware’s governor, he created councils for family services and land use that met with him monthly, so they would “stop working through stovepipes,” he said. Carper and Coburn disagreed whether a CISO Council would cost any money.
Mobile devices have been brought to college classrooms to further educational goals, educators said. Operators and vendors see higher education as a promising market, they said. But “digital cheating” and security issues were on the rise too, said safety expert Ken Trump, CEO of National School Safety and Security Services. Most K-12 schools have banned cellphone use in class, Trump said.
House telecom leaders anticipate a surge of activity as the DTV transition approaches, they said, and they sought answers from acting NTIA Administrator Meredith Baker and FCC Chairman Kevin Martin on plans for the five months before the DTV switchover in February. Concern included how well NTIA will handle an anticipated increase in the number of requests for converter-box coupons. “We need a specific plan to get this surge of applications processed and out the door early, so consumers don’t wait a significant amount of time” to get their coupons, House Telecom Subcommittee Chairman Ed Markey, D-Mass., told Baker. He asked for a detailed plan within 30 days and answers within 48 hours to a letter he and House Commerce Committee Chairman John Dingell, D-Mich., had sent asking NTIA why it’s seeking an additional $7 million to run the coupon program.
House telecom leaders anticipate a surge of activity as the DTV transition approaches, they said, and they sought answers at a House Telecom Subcommittee hearing Tuesday from acting NTIA Administrator Meredith Baker and FCC Chairman Kevin Martin on plans for the five months before the DTV switchover in February.
New York City has broad support from other major cities for its proposal that the FCC give the 700 MHz D-block to public safety directly so cities can build their own networks, rather than try again to auction the band, Deputy Police Chief Charles Dowd told a House Homeland Security panel Tuesday. Dowd also said the city will make a filing this week at the FCC asking for permission to use the D-block for a “proof of concept” trial project.
SkyPort Global Communications’ Network Operations Center in Houston “performed flawlessly” during Hurricane Ike, the satellite integrator said. The center allowed SkyPort to offer continuous services to customers including the Federal Emergency Management Agency and the Texas National Guard, the company said. It said FEMA has a contract with mobile communications provider MCS, which uses SkyPort. The contract with the Texas National Guard is also for other ongoing operations and training, SkyPort said. The Texas National Guard will collocate routers at SkyPort’s facility at the Ellington Field Joint Reserve Base in Houston, SkyPort said. The facility is on high ground and built to withstand category 3 hurricane winds of 130 mph, SkyPort said.
Computer Emergency Response Teams from France and Poland aided the Republic of Georgia during August cyberattacks, said an unclassified summary of CERT-Estonia actions in Georgia. A downed microwave repeater “eliminated connection to the Internet via routes not under the control of the Russian Federation,” the summary said. GSM network troubles were linked to bad network design and combat, it said. An Aug. 12-16 Estonian visit sought mainly to collect information and fend off attacks on local government and news agency Web sites, the summary said. Caucasus Network and former incumbent United Telecom of Georgia are the republic’s dominant ISPs. East-west fiber cables connect the country and link to the Russian Federation at both ends. Caucasus Online has Internet connectivity with Turkey through a microwave link. Russian Federation troops wrecked a repeater station, “eliminating Internet connection via routes not under Russian Federation control,” the summary said. Georgian national top-level domain .ge is hosted and administrated by the Caucasus Network, the report said. “TLD name server ns.nic.ge is replicated in ‘ns.uu.net,’ ‘ns2.nic.fr,’ ‘ns-ge.ripe.net’ and ’sunic.sunet.se,'” the summary said. “Distribution of the TLD name servers is good and probably sufficient,” it said. Government bodies don’t control the subdomains of the gov.ge address spaces they use, with development and hosting of the Web sites both outsourced. Georgia has three major GSM network operators. Tbilisi-based Magti uses spread topology for its GSM network. Four GSM switches are spread across the country, the summary said. Turkish operator Turkcell and Russian operator Beeline also offer services. Poor mobile network design and combat accounted for mobile network troubles during the conflict. Georgia’s biggest bank, TBC, was attacked starting Aug. 9, overloading the firewall and helping to bring down ATM and payment terminals. The National Bank of Georgia ordered temporary suspension of all bank Web sites and Internet banking. Attacks started Aug. 8, said the summary. CERT Georgia, which began acting like a national CERT, coordinating attack mitigation, is a university CERT with one full time worker. Others assist when needed. CERT-Georgia got operational help from CERT-France and CERT-Poland. The Polish CERT analyzed IP data and sent out abuse messages. French CERT-France collected log files. A classified report prepared by the Estonian CERT won’t be circulated publicly because the technical data are protected by law, a CERT- Estonia spokesman said.
Technology vendors and consultants seeking details on a classified Bush administration cybersecurity program announced in January left an ITAA-sponsored discussion Monday largely empty-handed. “We have begun many discussions at the classified level” with industry leaders, and more information will come out “in pieces” in “the weeks and months ahead,” said Paul Schneider, Department of Homeland Security deputy secretary. He filled in for Secretary Michael Chertoff, who was busy with DHS’s hurricane-relief efforts in Texas. Schneider made one thing clear: Vendors with visions of federal largess will be disappointed.