Are you committing any of the seven deadly sins that get users hacked? From devising weak passwords to using unprotected public WiFi, we all occasionally do things that make a hacker’s job easier. Welcome to the weekly news kickoff. Enjoy these highlights – from a secure network.
7 Deadly Sins That Get Users Hacked
In an Information Week blog, Ericka Chickowski shares the simple things users do that make it easy to hack them. She says phishing is still one of the most powerful and simple ways to start even the most sophisticated of attacks. It remains a hacker’s best friend because it works. How many of the seven deadly sins have you committed?
Agencies Overestimated IT Savings by $3.8B
Agencies’ projected savings on IT projects over the past two years were drastically overstated, according to a new report from the Government Accountability Office, which found that expected savings through PortfolioStat reporting were overestimated by at least 66 percent, Federal Times reports. When PortfolioStat was established in 2013, agencies projected $5.8 billion in savings through better efficiencies in IT spending. As of fiscal 2015, however, agencies have realized only about $2 billion in cost reductions. The Defense Department is cited as the biggest offender.
Army Says Intelligence System is Getting Easier to Use
The Army’s evolving global intelligence system has come in for a lot of criticism in the last couple of years, with users complaining it is difficult to use and unreliable, Defense Systems reports. Army leaders, taking those criticisms to heart, are promising that future versions will be much more user-friendly. At a hearing last week before the Senate Armed Services Committee’s subcommittee on Airland, a top Army leader admitted the difficulties soldiers have had with the system and said the service is working to correct the problem.
The User Knows Nothing: Rethinking Cybersecurity
True cybersecurity requires a new way of thinking — an Inverse Shannon’s Maxim, according to an article in Federal Times. Claude Shannon, a WWII-era mathematician and cryptographer, developed Shannon’s Maxim: The enemy knows the system. The article postulates that reaching true cybersecurity requires another stark innovation in thinking, an Inverse Shannon’s Maxim: The user knows nothing. To create a truly secure network, systems can no longer rely on users to do the right thing at all times. People make mistakes — someone will click when he shouldn’t, use “qwerty” as a password, or leave a laptop, unlocked, in a coffee shop. Do you agree?
Feds Get Guidance on Social Media Posting
The Office of Government Ethics last week issued a legal advisory on how the Standards of Ethical Conduct for Employees of the Executive Branch applies to the workforce’s use of social media, FedScoop reports. The rules, spurred by “the increased volume of questions that OGE receives from various agencies seeking advice in this area,” are fairly straightforward extensions of OGE’s standards of conduct. They also hold the same penalties, up to firing, for violators. While the office doesn’t forbid federal employees from maintaining a social media account, it advises them to limit the capacity in which they do so as a public agent.