Sunday, July 8, 2012

DHS: Cybersecurity Team


Building a World-Class Cybersecurity Team

By Mark Weatherford, Deputy Under Secretary for Cybersecurity

Today, we are more connected to the Internet than ever before.  We depend on a vast array of interdependent networks for communication, travel, powering our homes, running our economy, and obtaining government services.  With so much of our daily lives dependent on cyberspace, cybersecurity has become an increasingly important part of DHS’ mission, just as it has become a larger priority for state and local governments, businesses, and individuals.

DHS continues to demonstrate our commitment to building the best cybersecurity team in the world by recruiting some of the most talented and experienced professionals available.  Since its creation, the Department has increased its cybersecurity workforce by more than 600 percent while working with universities to develop and attract talent through competitive scholarships, fellowships, and internship programs.

When I joined DHS about six months ago, I quickly realized that we could build on the strong foundation of the Department’s cyber workforce with new skills and leadership to grow and adapt in the face of an evolving cybersecurity environment.

It’s impossible to mention all of the dedicated cybersecurity professionals at DHS, but I’d like to highlight a few recent additions that have propelled us to higher standards and increased our capability as a department:
  • Mike Locatis is the new Assistant Secretary for Cybersecurity and Communications and comes to DHS from the Department of Energy where he was the Chief Information Officer.  He has a breadth of cybersecurity and communications experience across nearly every level of government and the private sector and has a history of charting organization transformations in the federal government.
  • Rosemary Wenchel has joined us as the new Deputy Assistant Secretary for Cybersecurity Coordination.  She will coordinate joint cybersecurity efforts between DHS and the Department of Defense.  Rosemary will also work with the Science and Technology Directorate to ensure the Department’s cybersecurity research and development efforts are fully coordinated with policy and operations. She served previously in DOD where she was responsible for Departmental activities pertaining to policy development, guidance, and oversight of Information Operations.
  • John Streufert joined DHS in January as the Director of our National Cybersecurity Division (NCSD).  John came to DHS from the Department of State (DOS), where he earned national accolades for the successful implementation of state of the art security solutions in federal departments, and transformed DOS’ security posture while enabling it to execute a world-wide mission.
  • Larry Zelvin just joined us as Director of the National Cybersecurity and Communications Integration Center, DHS’ 24x7 center to coordinate cyber awareness across government and the private sector.  Larry has experience at the National Security Staff and the DOD, where he has led interagency and stakeholder outreach related to operations. 
  • Dr. George Moore is the new Technical Director for NCSD and also comes to us from the Department of State.  Dr. Moore is a renowned expert in areas of standards and security controls and will be helping develop programs to bring new levels of security to the Federal Government
  • Danny Toler is our Director of Network Resilience and a recognized expert in transitioning IT delivery toward solutions that are more holistic and integrated.  Danny came from the Department of State, and his leadership will be crucial in helping us develop cloud and managed security service solutions that result in new levels of efficiency across the government.
  • Ron Hewitt is the new Director of the National Communications System.  A recently retired Rear Admiral from the U.S. Coast Guard, Ron has an incredible track record of bringing together diverse communities to work together toward a common goal, particularly in the areas of information technology, communications, and first responders.
  • Tom Baer has come aboard as the Deputy Director of US-CERT.  Hailing from the Federal Bureau of Investigation where he was their Chief Information Security Officer, Tom is an expert in the areas of forensics and analysis and, with impressive leadership credentials, he is charged with broadening outreach efforts and intergovernmental coordination for US-CERT.
These new members of our vast cybersecurity team bring a wide array of experience and skills.  Building on the successes of our strong and robust team, we are taking the DHS cybersecurity program to new levels that will ultimately enhance the security and safety of our nation.

Saturday, July 7, 2012

Webinar\Training: Guidelines Governing Criminal Background Checks

National Reentry Resources Center

Council of State Governments Justice Center

Supported by the Bureau of Justice Assistance


Hosted by the National Employment Law Project, and the National Reentry Resource Center
The nation’s 3,000 One-Stop Career Centers and their partners in the employer, non-profit, and worker rights communities play a critical role in assisting people with criminal records in finding employment. However, the workforce development community also faces challenges as workers struggle to navigate the new realities of criminal background checks for employment.

Thanks to new guidelines issued by the U.S. Department of Labor Employment and Training Administration (ETA) and Civil Rights Center (CRC), the federally-funded workforce development and employment exchange community (i.e., programs funded by the Workforce Investment Act and the Wagner-Peyser Act) are now better positioned to respond to these challenges. The guidance educates employers and workers about the civil rights and consumer protection considerations that regulate criminal background checks for employment.

DOL's guidance letter complements the new guidance recently issued by the U.S. Equal Employment Opportunity Commission, which addresses the disproportionate impact of criminal background checks on people of color. The DOL guidance provides a step-by-step guide, including model notices for both employers and workers, to ensure that the workforce development community promotes maximum compliance with the law.
Presenters:
  • Jane Oates, Assistant Secretary, Employment Training Administration, U.S. Department of Labor
  • Maurice Emsellem, Policy Co-Director, National Employment Law Project
  • Charles Turner, Adult Career Services Re-Entry Manager, Oakland Private Industry Council, Inc.
  • Others TBA
Date: Wednesday, July 18, 2012
Time: 2:15-3:15 p.m. ET
To register for this webinar, please click here.


This is a National Reentry Resource Center Announcement. This announcement is funded in whole or in part through a grant (award number: 2010-MUBX-KO84) from the Bureau of Justice Assistance, Office of Justice Programs, U.S. Department of Justice. Neither the U.S. Department of Justice nor any of its components operate, control, are responsible for, or necessarily endorse, this newsletter (including, without limitation, its content, technical infrastructure, and policies, and any services or tools provided). 

FCC: Network Outage Reporting System (NORS) Communications Infrastructure.


NETWORK OUTAGE REPORTING SYSTEM (NORS)

network outage
Obtaining information on communications service disruptions is essential to the FCC's goal of ensuring the reliability and security of the nation's communications infrastructure. Accordingly, the FCC requires communications providers, including wireline, wireless, paging, cable, satellite and Signaling System 7 service providers, to electronically report information about significant disruptions or outages to their communications systems that meet specified thresholds set forth in Part 4 of the FCC's rules (47 C.F.R. Part 4). Communications providers must also report information regarding communications disruptions affecting Enhanced 9-1-1 facilities and airports that meet the thresholds set forth in Part 4 of the FCC's rules. Given the sensitive nature of this data to both national security and commercial competitiveness, the outage data is presumed to be confidential.
NORS is the web-based filing system through which communications providers covered by the Part 4 reporting rules submit reports to the FCC. This system uses an electronic template to promote ease of reporting and encryption technology to ensure the security of the information filed. The Communications Systems Analysis Division of the FCC's Public Safety and Homeland Security Bureau administers NORS, monitors the outage reports submitted through NORS and performs analyses and studies of the communications disruptions reported.

FCC DOCUMENTS PERTAINING TO NETWORK OUTAGE REPORTING:

FCC: Disaster Information Reporting System (DIRS) for Communications Companies


DISASTER INFORMATION REPORTING SYSTEM (DIRS)



DIRS is a voluntary, web-based system that communications companies, including wireless, wireline, broadcast, and cable providers, can use to report communications infrastructure status and situational awareness information during times of crisis.
The FCC encourages all communications providers to enroll in DIRS to be better prepared to respond and recover in the event of a disaster.

BENEFITS FOR COMMUNICATIONS PROVIDERS

  • Designate contact: Allows communications providers to identify the appropriate contact for his/her station during emergencies; and, in turn, eliminates lost time when trying to identify and coordinate with the federal contacts who can provide immediate assistance.
  • Receive help: Provides an avenue for communications providers to restore their operations and receive additional help during emergencies, e.g., securing generators, fuel, etc.
  • Streamline requests: Reduces the number of requests from various government agencies for status of each station. Other government agencies will rely on the FCC (DIRS) for status of each broadcast station.
  • Aid your community: Better ensures that communications providers will be able to serve their communities, providing them with critical updates and risk communications information from reliable and credible sources during emergencies.

In the event of a major disaster, the FCC and the Department of Homeland Security's National Communications System need to have accurate information regarding the status of communications services in the disaster area, particularly during restoration efforts.
When activated, DIRS will collect information concerning:
  • Switches
  • Public Safety Answering Points (used for E9-1-1)
  • Interoffice facilities
  • Cell sites
  • Broadcast stations
  • Cable television systems

HOW TO ENROLL IN DIRS:

  • Click the “Enroll” button.
  • Click “Accept” to enter the secure, protected sign-up site.
  • You will need the following information to sign up:
    • Reporting Company
    • Company ID (for existing company accounts)
    • Type of Company (Cable, Wireless, etc)
    • Contact Person
    • Phone Number, with extension of contact
    • Cell Phone Number
    • Blackberry Number
    • E-Mail
    • Address
  • Click “Submit” and record the username and password generated for your account. You can update the username and password once logged in.

FREQUENTLY ASKED QUESTIONS

RELEASES

Friday, July 6, 2012

Privacy. Email. Is US Government reading email without a warrent?


Is US government reading email without a warrant? It doesn't want to talk about it

Jonathan Sanger / msnbc.com
Catherine Crump, a staff attorney for the ACLU
Does the U.S. government read your email? It's a simple question, but apparently there's no simple answer. And the Justice Department and the Internal Revenue Service are reluctant to say anything on the topic.
In March, the American Civil Liberties Union caused a nationwide stir when the advocacy group released the results of its year-long investigation into law enforcement use of cellphone tracking data. After issuing hundreds of Freedom of Information Act requests, the ACLU learned that many local police departments around the country routinely pay mobile phone network operators a small fee to get detailed records of historic cell phone location information. The data tell cops not just where a suspect might have been at a given moment, but also create the possibility of retracing someone's whereabouts for months. In most cases, law enforcement obtains the data without applying for a search warrant; generally, subpoenas are issued instead, which require law enforcement to meet a lower legal standard.


ACLU lawyer Catherine Crump, who ran the cellphone location data investigation, is at it again. This time, she has filed similar Freedom of Information Act requests with several federal agencies, asking about their policies and legal processes for reading Internet users' emails.

"It's high time we know what's going on," Crump told msnbc.com. "It's been clear since the 1870s that the government needs a warrant to read postal mail. There's no good reason email should be treated differently."
There are hints that it is being treated differently, however. In a landmark 2010 case, United States v. Warshak, government investigators acknowledged that they read 27,000 emails without obtaining a search warrant, violating both the suspect's privacy and the privacy of everyone who communicated with the suspect, according to Crump.

Evidence obtained during that email search was thrown out on appeal by the 6th U.S. Circuit Court of Appeals, but that ruling applies only to four U.S. states.

The case opened a window into what Crump fears is a widespread practice.
In the aftermath of the Warshak case, the Internal Revenue Service told its investigators that they should not try to obtain emails without a court order, but in doing so it hinted that other warrantless email searches had been conducted in the past.

For now, hints are all we have. Crump's Freedom of Information Act requests -- filed in February with the FBI, the IRS, the Justice Department's Office of Legal Counsel and other agencies -- were largely ignored, she says. So on June 14, she filed a lawsuit in the Southern District of New York in an attempt to force the agencies to comply.

"Four months have passed and I haven't gotten a single document," she said. "The American people have a right to know."

The federal agencies have until July 19 to reply to the lawsuit. The FBI is not included in the lawsuit because it replied recently denying Crump's request, saying it was too broad. The ACLU is appealing that determination through a different legal procedure.

Justice Department spokesman Charles Miller directed all questions about the matter to the agency's New York office. A spokeswoman for that office, Ellen Davis, said she couldn't discuss it.

"We do not comment on ongoing litigation," Davis said in an email.
Julianne Breitbeil, a spokeswoman for the IRS, said federal privacy laws prevent the agency from discussing the lawsuit.

The Justice Department and the Obama administration had a chance to settle the issue in April 2011, during a Senate hearing on the Electronic Communications Privacy Act. Instead, officials with both the Commerce and Justice departments failed to provide any clarity. Instead, a Justice Department official argued against extending Fourth Amendment protections -- specifically strict warrant requirements -- to email, saying that doing so would hinder investigations.

"Congress should consider carefully the adverse impact on criminal as well as national security investigations if a probable-cause warrant were the only means to obtain such stored communications," James Baker, associate deputy attorney general, testified at the hearing.

Crump interpreted the testimony as indicating that warrantless email searches by federal agents are routine.
"It was disappointing when the Obama administration refused to commit one way or the other to obtaining a warrant," she said. "It leads me to suspect the federal government isn't getting warrants."

The 1986 Electronic Communications Privacy Act and its subsection, the Stored Communications Act, provides some guidelines for law enforcement review of email, but those are badly out of date now. They declare that federal authorities don't need a warrant for data that's stored externally (as opposed to locally, on a person's hard drive) if it's more than 6 months old. Given the ubiquity of services like Web-based Gmail, the 180-day distinction and the local vs. network storage issues are both now largely meaningless, and that's essentially what the 6th Circuit Court found.

The discussion of requirements for email searches is more relevant than ever, given the explosion of social networks and their semi-private conversation tools and the coming of age of cloud services, where corporations are encouraged to keep all data in shared spaces that would fall under the Stored Communications Act. Concerned that such privacy issues would slow adoption of cloud services, a coalition of cloud-friendly companies calling itself "Digital Due Process," has argued for updates to the Electronic Communication Act that would require higher legal standards for digital evidence gathering.





A critical element of the email issue is a debate about whether the Fourth Amendment requires the government to get warrant based on probable cause in order to read a suspect’s email. To get a warrant, the government must appear before a judge, and convincingly argue that inspection a suspect’s email will probably turn up evidence of a crime.

"The warrant and probable cause requirement safeguard Americans' privacy in two important ways. Having to go to a judge means there is someone involved whose job it is to look out for the target's rights. And having to demonstrate probable cause will reduce the chances that innocent people have their communications read," Crump said.

The distinction is also important as the U.S. government plunges headlong into new high-tech surveillance technologies, such as its massive new million-square-foot "Utah Data Center," under construction in rural Utah for the National Security Agency. The facility is designed to help protect cyberspace, NSA official have said. But Wired Magazine published a cover story earlier this year arguing that the facility will be capable of monitoring every email and text message sent around the world -- including messages to and from U.S. citizens. It is scheduled to come online in 2013.

The NSA denies that the facility will be used to spy on Americans, but it's hardly far-fetched to surmise it will have such capabilities.

Explosion of such technological capabilities is why clarifying digital Fourth Amendment rights is so critical, Crump said.

"No data is more personal than email correspondence," she said. "Email is deeply personal and private. It is an unfiltered view of our thoughts and a catalog of our relationships stretching back for years. Government agents should not be allowed to troll through all of our most private correspondence without proving to a judge that they have probable cause to believe that a search will turn up evidence of a crime."

Thursday, July 5, 2012

Tuskegee Airmen. 2012 Bridge Dedication. Boston, MA


Tuskegee Airmen 7.17.12
You are invited to...

A Bridge Dedication in Honor of the
Tuskegee Airmen

Tuesday, July 17, 2012 at 10:30am
American Legion Highway and Morton St., Dorchester
The bridge is located outside VFW Post 1018
(with Tank out front)

The Museum of African American History is proud to announce the special occasion
of a bridge dedication in honor of the legendary Tuskegee Airmen, a group of heroic African American pilots who fought in World War II.

This event is sponsored and organized by the City of Boston.

RSVP to Walter Apperwhite at Walter.Apperwhite@cityofboston.gov

LOGO
This is not a Museum of African American History event.  

Wednesday, July 4, 2012

Anxiety. Effective Therapy

ScienceDaily: Your source for the latest research news 
and science breakthroughs -- updated daily


Cognitive-Behavioral Therapy Effective in Combatting Anxiety Disorders, Study Suggests

ScienceDaily (June 28, 2012) —

Whether it is a phobia like a fear of flying, public speaking or spiders, or a diagnosis such as obsessive compulsive disorder, new research finds patients suffering from anxiety disorders showed the most improvement when treated with cognitive-behavioral therapy (CBT) in conjunction with a "transdiagnostic" approach -- a model that allows therapists to apply one set of principles across anxiety disorders.  

The combination was more effective than CBT combined with other types of anxiety disorder treatments, like relaxation training according to Peter Norton, associate professor in clinical psychology and director of the Anxiety Disorder Clinic at the University of Houston (UH).
Norton concludes that therapists treating people with anxiety disorders may effectively use a treatment that applies one set of principals across all types of anxiety disorders. The findings are the result of a decade of research, four separate clinical trials and the completion of a five-year grant funded by the National Institute of Mental Health.
Norton defines anxiety disorders as when anxiety and fear are so overwhelming that it can start to negatively impact a person's day-to-day life. He notes anxiety disorders include: panic disorder, obsessive-compulsive disorder (OCD), post-traumatic stress disorder (PTSD), social anxiety disorder, specific phobias and generalized anxiety disorder. Often anxiety disorders occur with a secondary illness, such as depression, substance or alcohol abuse. Norton says there are targeted treatments for each diagnosis, but there has been little recognition that the treatments don't differ much, and they only differ in very specific ways.
"The Diagnostic and Statistical Manual of Mental Disorders (DSM) has been an important breakthrough in understanding mental health, but people are dissatisfied with its fine level of differentiation," said Norton. "Panic disorders are considered something different from social phobia, which is considered something different from PTSD. The hope was that by getting refined in the diagnosis we could target interventions for each of these diagnoses, but in reality that just hasn't played out."
As a graduate student in Nebraska, Norton couldn't get enough people together on the same night to run a group treatment for social phobia, and that marked the beginning 10 years of work on the transdiagnostic treatment approach.
"What I realized is that I could open a group to people with anxiety disorders in general and develop a treatment program regardless of the artificial distinctions between social phobia and panic disorder, or obsessive-compulsive disorder, and focus on the core underlying things that are going wrong," said Norton.
Norton finds cognitive-behavioral therapy (CBT), a type of treatment with a specific time frame and goals, helps patients understand the thoughts and feelings that influence behaviors to be the most effective treatment. The twist for him was using CBT in conjunction with the transdiagnostic approach. The patients receiving the transdiagnostic treatment showed considerable improvement, especially with treating comorbid diagnoses, a disease or condition that co-exists with a primary disease and can stand on its own as a specific disease, like depression.
"What I have learned from my past research is that if you treat your principal diagnosis, such as social phobia and you hate public speaking, you are going to show improvement on some of your secondary diagnosis. Your mood is going to get a little better, your fear of heights might dissipate. So there is some effect there, but what we find is when we approach things with a transdiagnostic approach, we see a much bigger impact on comorbid diagnoses," said Norton. "In my research study, over two-thirds of comorbid diagnoses went away, versus what we typically find when I'm treating a specific diagnosis such as a panic disorder, where only about 40 percent of people will show that sort of remission in their secondary diagnosis. The transdiagnostic treatment approach is more efficient in treating the whole person rather than just treating the diagnosis, then treating the next diagnoses."
Norton notes the larger contributions of the studies are to guide further development and interventions for how clinical psychologists, therapists and social workers treat people with anxiety disorders. The data collected will be useful for people out on the front lines to effectively and efficiently treat people to reduce anxiety disorders.
Norton is the author of the book, "Group Cognitive-Behavioral Therapy of Anxiety. A Transdiagnostic Treatment Manual," and co-author of "The Anti-Anxiety Workbook: Proven Strategies to Overcome Worry, Phobias, Panic and Obsessions." He has authored more than 90 research papers on such topics as anxiety disorders, CBT and chronic pain, and he serves on the editorial boards of two scientific journals.

RECOMMENDED READING LIST

Search This Blog

ARCHIVE List 2011 - Present