Categorizing and Describing Cybersecurity Work for the Nation The National Initiative for Cybersecurity Education (NICE) is pleased to announce the release of Special Publication 800-181, the NICE Cybersecurity Workforce Framework. This publication serves as a fundamental reference to support a workforce capable of meeting an organization’s cybersecurity needs. It provides organizations with a common, consistent lexicon that categorizes and describes cybersecurity work by Category, Specialty Area, and Work Role. It is a resource from which organizations or sectors can develop additional publications or tools that meet their needs to define or provide guidance on different aspects of workforce development, planning, training, and education.
Information systems—from communications platforms to internet-connected devices—require both security and privacy safeguards to work successfully and protect users in our increasingly complex and interconnected world. Toward these ends, the National Institute of Standards and Technology (NIST) has issued a new draft revision of its widely used Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations. Developed by a joint task force consisting of representatives of the civil, defense and intelligence communities, the draft fifth revision of SP 800-53 (8.
I recently had the chance to talk with the legendary Vint Cerf, one of the founding fathers of the internet. We had a wide-ranging discussion about the past, present and future of the internet, network security and what it would take to successfully, safely and reliably merge the digital and physical worlds, a concept known as the “Internet of Things,” or IoT. As its name suggests, the internet of things will connect all kinds of things, bringing us a wealth of data about, well, everything that we can use to improve our lives.
Recently a segment on my favorite morning news program stopped me in my tracks. The young and attractive hosts (why are they always so young and attractive?) were demonstrating new appliances including a smart refrigerator. The fridge was equipped with all kinds of high-tech features including touch screen displays, a camera inside that allows you to see the contents and Wi-Fi connectivity. You can see inside your fridge while grocery shopping, how convenient!
The Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile devices and recommends security improvements to the mobile device ecosystem. The DHS Science and Technology Directorate (S&T) led the study in coordination with the National Institute of Standards and Technology and its National Cybersecurity Center of Excellence. Mandated by the Cybersecurity Act of 2015, the “Study on Mobile Device Security” relied on significant input from mobile industry vendors, carriers, service providers and academic researchers.
The Data Briefing: Microservices and Serverless Apps — A New Direction for Federal Government Mobile Apps?
Continuing from last week’s column on DevOps and containers, I will explain two other hot trends in IT — microservices and serverless apps. For those who want official federal government guidance, the National Institute of Standards and Technology (NIST) has released a draft special publication on microservices, application containers, and system virtual machines (PDF, 660 kb, 12 pages, February 2016). I wrote about microservices and containers in February 2015 as two API* trends to watch.
Well-executed partnerships can create better solutions and place them on a bigger platform. Poorly executed ones, on the other hand, can send federal agencies into a bureaucratic tailspin. To partner or not to partner: That is the question. “If you are going to do one, don’t do it because it seems like a good idea,” says Sandeep Patel, open innovation manager at the Department of Health and Human Services (HHS) Idea Lab.
Opening up government to better serve the American people has been a key priority of this Administration from day one. On his first full day in office, President Obama signed the Memorandum on Transparency and Open Government, ushering in a new era of open and accountable government. Since then, the Administration has continued to take unprecedented steps to make government more efficient and effective, including launching Data.gov, establishing the international Open Government Partnership, and signing an Executive Order on Making Open and Machine Readable the New Default for Government Information.
Agencies have used an open data competition approach in their quest to provide anytime, anywhere government. For example, in 2011, the Environmental Protection Agency (EPA) conducted the Apps for the Environment challenge and has a hub for apps created using EPA data. Here’s an update on challenges hosted by other agencies: The National Institute of Standards and Technology (NIST), hosted a nationwide Reference Data Challenge to create mobile apps through Devpost.
The Reference Data Challenge, launched this summer, was a call for innovative approaches to a long-standing role of the National Institute of Standards and Technology (NIST) to make “critically evaluated reference data available to scientists, engineers and the general public.” This challenge—our first-ever app contest and second prize competition as an agency—had the dual aims of improving awareness about and usability of our data. We invited submissions of mobile apps that used at least one of six eligible NIST datasets.
This month we’re highlighting articles about challenge competitions and crowdsourcing across the federal government. Federal agencies can gain a wealth of ideas, services, solutions and products by asking a large, diverse crowd to contribute their talents and skills. Simply put, crowdsourcing means engaging the crowd. Often referred to as a form of open collaboration or innovation, crowdsourcing takes many forms, including challenges (or prize competitions), hackathons, data jams, code-a-thons, workplace surveys, open ideation, micro-tasks or micro-work, citizen science, and crowdfunding.
Challenge.gov Honors Federal Agencies, Staff for Raising the Bar on Public Sector Prize Competitions
The biggest advocates for the use of challenges in the public sector gathered at the General Services Administration (GSA) headquarters, October 8, to acknowledge the remarkable rise of a community that has grown steadily in number and influence over the past five years. More than 300 federal employees representing agencies spanning government attended in person or watched via livestream to mark the five-year anniversary of the Challenge.gov. “It is clear that open innovation is here to stay,” said Kelly Olson, director of the Challenge.
How can government protect citizens while delivering the services they demand in the modern age? This was a theme of the panel discussion on privacy and identity management at the 2015 DigitalGov Citizen Services Summit. “Cybersecurity has really come a long way in the last 10 years, unifying the conversation about risk across organizations,” said Sean Brooks, panelist and privacy engineer at the National Institute of Standards and Technology (NIST), “but privacy has really lagged behind.
The National Institute of Standards and Technology (NIST) wants YOU to help them build native apps. NIST launched the Reference Data Challenge to improve the way the agency shares scientific reference data. They want third party developers from around the country to build native apps that aggregate and improve the usability of free NIST datasets and resources. They are offering $45,000 in prize money and are taking submissions until the end of September.
There’s no doubt that traditional social media sites like Facebook and Twitter have transformed how we communicate with stakeholders. Quora is another tool for agencies seeking to engage highly-educated thought leaders and influencers, policy makers, entrepreneurs, scientists, engineers and journalists worldwide. The brainchild of two former Facebook employees with the backing of Wikipedia’s founder, Quora aims to share and grow the world’s knowledge by serving as a centralized Q&A site.
As a task creator with an ambitious agenda and limited resources, I’ve got a great deal of incentive to make the most use that I can of Open Opportunities. And indeed, Open Opportunities participants have made a concrete and positive difference in the operations of our office, the Advanced Manufacturing National Program Office, part of the National Institute of Standards and Technology in the Department of Commerce. Open Opportunities participants have, among other things:
Sharing Social Media Strategies: The National Strategy for Trusted Identities in Cyberspace Program Office
Creating a tweet, posting a photo, or updating a status may take mere seconds. However, a well-thought-out social media strategy is needed for long-term success. In fact, the recently released U.S. Public Participation Playbook mentions strategy in its very first play: clearly define and communicate your objectives. Knowing what you hope to accomplish and how you want to get there is imperative, and social media is no exception.
Today, people rely heavily on insecure and inefficient means to access federal government applications to conduct business (i.e., they depend on usernames and passwords to log into federal agency services online). Users are required to create and manage several online accounts for different applications, which can become a nuisance, difficult to manage, and creates administrative burden for the organization. Additionally, with the abundance of these weak credentials (i.e., usernames and passwords that are easy to hack and difficult to trust), organizations – including the federal government – are left with minimal confidence in a user’s identity.
Conserving energy is not a shot in the dark. Millions of people can now shine a light on their electricity usage as a result of a dynamic public-private partnership based on open data. The goal of the Green Button Initiative is to provide electricity customers with access to their energy usage data in an easy-to-understand and computer-friendly format. Customers can click on the “Green Button” logo on participating companies’ websites and download their personal energy use information.
No Mobile Gov Month on DigitalGov would be complete without an update on the Internet of Things. Regardless if you’re talking wearables, smart homes, sensors or any other connected device, your current mobile approaches will be impacted—as will your social media, user experience and data strategies. When we last visited the topic in April, discussion in the federal government was minimal. That’s no longer the case. Just this month there were multiple panels about it at the Tech-In-State: Mobile Diplomacy event and the Federal Trade Commision (FTC) was very active at the 2nd Annual Internet of Things Global Summit where FTC Chairwoman Edith Ramirez gave a keynote about challenges around IOT.
Yesterday marked three months since the release of the Digital Government Strategy and agencies have been making great strides in meeting the milestones toward building a 21st Century Government. In his blog, Building-blocks of a 21st Century Digital Government, Steve Van Roekel said: Executing on this vision of government cannot happen alone. To provide the highest value of services, we must rethink from step one how government builds and provides services for the American people.