Design
security in from the start? What an old concept!
DOD/GSA
Report – Improving Cybersecurity and Resilience through Acquisition
by Sabrina
I. Pacifici on February 2, 2014
“On
February 12th, 2013, the President issued Executive Order 13636,
entitled Improving
Critical Infrastructure Cybersecurity (EO 13636). In accordance
with Section 8(e), GSA and the Department of Defense submitted
recommendations
to the President addressing the feasibility,
benefits, and merits of incorporating cybersecurity standards into
acquisition planning and contract administration, and
harmonizing procurement requirements. The jointly authored report
containing the recommendations it titles, Improving
Cybersecurity and Resilience through Acquisition. The report
provides a path forward to aligning Federal cybersecurity risk
management and acquisition processes. It provides strategic
recommendations for addressing relevant issues, suggests how
challenges might be resolved, and identifies important considerations
for the implementation of the recommendations. The ultimate goal of
the recommendations is strengthening the cyber resilience of the
Federal government by improving management of the people, processes,
and technology affected by the Federal Acquisition System. The
recommendations focus on the need for baseline cybersecurity for
Federal contractors, comprehensive workforce training, consistent
cybersecurity terminology for contracts, incorporation of cyber risk
management into Federal enterprise risk management, development of
more specific and standardized security controls for particular types
of acquisitions, limiting purchases to certain sources for higher
risk acquisitions, and increasing government accountability for
cybersecurity throughout the development, acquisition, sustainment,
and disposal lifecycles.”
I would imagine some
universities are also resources (not just tech firms)
National
Guard units help states ward off cyberattacks
… Colorado
Governor John Hickenlooper, vice chairman of the National
Governors Association, said in the recent annual State of
the States speech in Washington, D.C., “as the nation develops
resiliency to cyberattacks, the Guard should be mobilized to support
federal and state efforts to protect networks and respond to
incidents. While the federal government seeks to clarify how it will
work with the private sector and states to better secure cyberspace,
states are already moving forward to develop and implement new cyber
policies to protect their economies and ensure public safety.”
The National
Defense Authorization Act, which passed on 26 December 2013,
requires the Pentagon to consider the National Guard’s cyber
capabilities as it may support the Pentagon’s cybersecurity
measures. The Act orders the Pentagon
to consult with governors about their states’ cybersecurity needs
and their states’ Guard units’ ability to assist in this area.
Interesting.
I wonder who my Official, “go to” Ethics guy should be now that
Dean Dan Vigil has (mostly) retired?
ABA
– 10 Tips for Avoiding Ethical Lapses When Using Social Media
by Sabrina
I. Pacifici on February 2, 2014
“You may be among the
thousands of legal professionals flocking to social media sites like
LinkedIn,
Facebook,
Twitter,
or Google+
to expand your professional presence in the emerging digital
frontier. If so, have you paused to consider how the ethics rules
apply to your online activities? You should. Some of the ethical
constraints that apply to your social media usage as a legal
professional may surprise you. Moreover, legal ethics regulators
across the country are beginning to pay close attention to what legal
professionals are doing with social media, how they are doing it, and
why they are doing it. The result is a patchwork quilt of ethics
opinions and rule changes intended to clarify how the rules of
professional conduct apply to social media activities. This article,
Cby hristina Vassiliou Harvey, Mac R. McCoy, Brook Sneath, provides
10 tips for avoiding ethical lapses while using social media as a
legal professional. The authors cite primarily to the ABA Model
Rules of Professional Conduct (RPC) and select ethics opinions from
various states. In addition to considering the general information
in this article, you should carefully review the ethics rules and
ethics opinions adopted by the specific jurisdiction(s) in which you
are licensed and in which your law firm maintains an office.”
Not the most
up-to-date site I've ever seen. Perhaps my students could add to
this?
Cornell
University Digital Literacy Resource
by Sabrina
I. Pacifici on February 2, 2014
The
Digital Literacy Project – Cornell University: “Digital
literacy is the ability to find, evaluate, utilize, share, and create
content using information technologies and the Internet. As a
Cornell student, activities including writing papers, creating
multimedia presentations, and posting information about yourself or
others online are all a part of your day-to-day life, and all of
these activities require varying degrees of digital literacy…
Digital literacy is an important topic because technology is
changing faster than society is. The same advances that enhance
leisure and make our work easier—those that make it possible for us
to search online databases, text friends, and stream media—also
present urgent challenges to the social norms, market models, and
legal frameworks that structure our society. The rules of
appropriate behavior in these digital contexts may be unknown or
unknowable. Well-established concepts such as copyright, academic
integrity, and privacy are now difficult to define, as their meanings
are in flux. This digital literacy site is a resource you can come
to again and again during your time at Cornell, to get up-to-date
information about issues like these. Look here to learn about
Cornell’s recommendations for finding, evaluating, and citing
information sources online; to learn about copyright law; to read and
hear Cornell faculty viewpoints on plagiarism; and to get our best
advice regarding privacy practices on the Internet. Look here, too,
for links to many other Cornell resources on these topics.”
No comments:
Post a Comment