Update on Google Street View data collection: Congress asking for answers

While investigations on many aspects of Google’s wireless data collection practices are ongoing in the U.S. and many other European countries (most recently including the Czech Republic), the first major legal action against the company has…

Former acting cybersecurity czar provides legislative summary of bills in 111th Congress

Former acting cybersecurity czar Melissa Hathaway, who in early 2009 led the Obama administration’s 60-day review of cybersecurity policy and who is now a senior advisor working at the Harvard Kennedy School’s Belfer Center for Science…

Hard to believe Google’s wi-fi data capture was accidental, may or may not be illegal

With momentum building in many countries for investigations into potential privacy violations and other possible transgressions by Google related to its practice of capturing unencrypted wireless network traffic as a part of its Google Street View…

NASA implements policy to suspend C&A in favor of continuous monitoring

Taking the latest information security guidance from OMB to heart, NASA Deputy CIO for Information Security Jerry Davis issued a directive this week to all NASA ISSOs, system owners, authorizing officials, and IT manager and operators…

Issues raised about no-fly list checks provide a nice lesson in disparate impact of false positives and false negatives

The last-minute apprehension of the would-be Times Square bomber, who had already boarded an international flight despite being placed on the government’s no-fly list, provides one of the rare instances where real-time integration or data propagation…

HITECH restrictions on sale of health record data constrain some EHR plans

As the provisions of the Health Information Technology for Economic and Clinical Health (HITECH) Act continue to be implemented, many health care organizations are beginning to understand that changes to security and privacy requirements originally promulgated…

Federal agencies have a window of opportunity to move on continuous monitoring

The call now seems to coming from all sides that federal government agencies need to fully embrace risk-based approaches to information security and move towards continuous monitoring and enterprise situational awareness. OMB, in coordination with the…