Implementations and pilots of blockchain continue across government. The benefits of blockchain, including decentralization, immutability, security, and transparency, are appealing in government as they relate directly to mandates around security, privacy, and data openness. It is these needs that will drive further acceptance and use of blockchain.
As this article points out, innovation is not found in just one technology alone - it is a combination of inventions that when used together toward a specific goal create a new way of doing something. The example cited is the airplane. Human flight was made possible by the desire to travel faster and the combination of technologies and discoveries such as the gasoline engine and aerodynamics. Similarly, the goal of peer-to-peer transactions powered by blockchain will be achieved when the technology is combined with other innovations and processes. Some early successes fueling the wide application of blockchain include:
In October, ghosts and goblins come to life as decorations on front lawns and as candy-seeking children knocking on our doors. But stepping away from the frivolity of Halloween, October has also become a time for us to reflect on the real threats we face year-round when it comes to our data, identity privacy and online security.
National Cybersecurity Awareness Month (NCSAM), spearheaded by the Department of Homeland Security (DHS), is a "collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online." This year's theme is Own IT. Secure IT. Protect IT. Programs around the country will address topics including citizen privacy, securing consumer devices, and eCommerce security.
More than IT professionals talking to one another, NCSAM aims to reach out to the public to emphasize personal accountability and educate people about the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. The NCSAM website has some handy guides that can be shared to educate people on these actionable steps.
The Internet of Things (IoT) is made up of webcams, sensors, thermostats, microphones, speakers, cars, and even stuffed animals. All of these connected devices can help individuals and organizations stay connected across geographic distances, keeping tabs on and managing assets from miles away. The data they collect can be combined with other data sets to create actionable advice for better management and service.
This holds incredible promise for local governments and federal agencies charged with maintaining safe operating fleets and facilities. There's also the application for improving the routing of field technicians as well as traffic flow in general. But, as every superhero knows, with great power comes great responsibility.
As with any technology, IoT standards need to be developed for effective and safe use as well as to enable interoperability. NIST has been working on defining standards and recently released Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks, but no federal agency is currently claiming jurisdiction over IoT policy and rule-making. In this vacuum, the legislative branch is getting involved. This past November, the House passed the SMART IoT Act that tasks the Department of Commerce with studying the current U.S. IoT industry. A Senate bill was introduced to manage what types of IoT devices the government can purchase, ensuring that all IoT tech in government is patchable and has changeable passwords. Finally, states are even weighing in on the proper use of IoT in government. California passed the first IoT cybersecurity law, making device manufacturers ensure their devices have "reasonable" security features. Continue reading
Blockchain is a complex technology that aims to streamline repetitive, data-intensive tasks. It has become more than a hot buzzword in government IT circles, it is already being put into practice.
One way to think of blockchain is as a database that is jointly managed by a distributed set of participants. Adding data requires the "sign off" of everyone in the chain, verifying that the transaction is legitimate. Because of this interconnectedness, it is inherently secure. Every piece is linked to another, changing one piece will impact the rest of the chain (just like that one bulb going out on your Christmas lights) alerting all owners to an issue.
Government agencies are drawn to the security and transparency provided by blockchain to improve the efficiency and stability of processes requiring strict audit trails. NIST has provided guidance to help educate as well as encourage organizations to begin trying out blockchain approaches. Continue reading
Every October, the cybersecurity community comes together to highlight how each of us plays a role in the security of not just our own online identities, but of cyberspace as a whole. This year, National Cyber Security Awareness Month, organized by the Department of Homeland Security, is celebrating its 15th anniversary. This month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online while increasing the resiliency of the Nation during cyber-threats.
The theme for 2018 is "Cybersecurity is our shared responsibility, and we all must work together to improve our Nation's cybersecurity." This focus on responsibility, both individual and organizational, is critical for a population becoming more and more dependent on Internet connectivity. A recent study found that while government tends to have better cyber hygiene than most industry sectors, overall, we are not doing all we can to secure our networks and all of the devices that connect to them. Only 50 percent of respondents said they were running authenticated scans and were able to patch vulnerabilities within a week of detection. Almost half use dedicated workstations and networks for administrative activities, but over 40 percent do not use multifactor authentication or don't require unique passwords for each system. Continue reading