An independent presidential panel makes recommendations to limit the National Security Agency's surveillance methods, including curtailing the way the government systematically collects and stores metadata from Americans' phone calls.
Jeh Johnson, the new secretary of Homeland Security, is expected to become one of the top advocates of the administration's cybersecurity policy as the White House shifts more IT security responsibilities to DHS.
The White House is intensifying its effort to get federal agencies to adopt continuous monitoring and move away from the paper-based checklist compliance they've followed for a decade under the Federal Information Security Management Act.
Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
The initial phase of the continuous diagnostics and mitigation initiative, a new program to secure government computers, concentrates on helping federal agencies identify and manage their software and hardware assets.
In the next five years, the federal government will work to centralize for civilian agencies' networks a way of identifying cyberflaws and employing diagnostic tools to remediate them, the Department of Homeland Security's John Streufert says.
Face-to-face and over-the-phone social-engineering schemes are increasingly used to perpetrate fraud, highlighting the need for more education and real-time transaction monitoring, says Gartner's Avivah Litan.
John Streufert, the DHS director overseeing the rollout of a federal continuous diagnostic initiative to mitigate IT systems vulnerabilities, expects that many state and local governments will participate in the program.
The massive initiative to deploy continuous monitoring at U.S. federal government agencies will be done in phases, with the initial rollout occurring over three years, the Department of Homeland Security's John Streufert says.
Breach statistics for 2012 show DDoS attacks dramatically increased in all sectors, says Verizon's Dave Ostertag. "If your organization, company or agency has a presence on the Internet, you're a potential victim now."