"The same American ingenuity that put a man on the moon also created the Internet," President Obama says. "We must now harness that spirit of innovation to ... secure technologies to build a safer, more prosperous future for all Americans."
The video gaming company Sega says it brought down its online Sega Pass gaming because of unauthorized entry of its database, in which hackers obtained some members' e-mail addresses and encrypted passwords.
Phishing represented more than half of the 107,439 cyber incidents compiled by the U.S.-CERT for fiscal year 2010 from federal, state and local governments, commercial enterprises, American citizens and foreign CERT teams.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
Topics to be addressed at the NIST cloud computing forum include the cloud's trustworthiness and standards. Google Chief Internet Evangelist Vint Cerf and NIST Director Patrick Gallagher also will speak.
"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
Until the IRS corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders, GAO auditors says.
Describing it as the capstone publication of a partnership with the defense and intelligence communities, NIST publishes new guidance on managing security risk associated with the operation and use of IT systems.
NIST updates its national checklist program for IT products, tech specs for SCAP and guide to using vulnerability naming schemes as well as providing a status report on its cryptographic hash algorithm competition.