by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : October 2012
GCN OCTOBER 2012 • GCN.COM 7 [datapoint] 'New FISMA looks a lot like old FISMA' The most common concern for federal IT security professionals is regulatory compli- ance, according to nCircle s recently released 2012 Federal Information Security Initiatives Trend Study. The results indicate misplaced priorities, said Karen Cummins, nCircle s director of federal markets. "If you pick compliance, that suggests we re a little out of balance," she said. Agencies are expected to have risk- based security policies and controls in place to help counter the growing threat of online attacks. But despite changes in the way the Federal Information Security Management Act is being implemented, success still is being measured by reporting rather than by results. "Continuous monitoring" is being replaced by the term "continuous diagnos- tics and mitigation," which Cummins said better reflects the goals of the program. Automated data streams can be powerful tools for risk remedia- tion, but what is being measured is the ability to report the data to DHS rather than its use within an agency. As a result, "the new FISMA looks a lot like the old FISMA," Cummins said. FISMA metrics that continue to focus on agency compliance rather than on results still can inhibit progress in securing federal IT systems. You might start hearing a lot about sparse data in the near future and its impact on network infrastructure. If well-managed and planned for, sparse data can make an entire organization more e cient. But if left to grow and populate on its own, it could easily overwhelm government servers with a flood of informa- tion, resulting in a kind of death by a thousand small cuts. Sparse data is a term used to describe information coming from sensors or other non-IT devices. It s also sometimes called thin data, though sparse is probably the better term. It s a sensor recording the temperature and humidity lev- els, or how often something is used. When the sensor reports that data, it s really just a blip of information within the overall structure, hence the name. Sparse data almost always goes one way, from the sensor to the network. Although it s just a bit of data now, in the future, there may be many more of these devices, and in unique areas. Jerry Gentry, vice president, IT program management at Nemertes Research, sees a future where everything from the co ee maker to your o ce chair is implanted with sensors. That may seem like a bunch of junk data, or perhaps a world of Big Brother gone mad, but if you compile all that data in a reason- able way, it can tell you things about your o ce, such as which routes will be taken in an emer- gency, or how much harder your HVAC has to work if more desks are placed in a certain area. Government agencies, like other operations, could use this kind of data to more e ciently manage buildings, but compil- ing sparse data is already being used in other ways, such as monitoring tra c on bridges and roadways, or in a variety of weather monitors or tsunami prediction systems. Sensors are increasingly being deployed by agencies, which means sparse data likely will become a term you ll hear more often. Gentry envisions implant- ing sensors into seeds, which would then grow with a plant, and signal farmers when the crop is in distress or ready to be harvested. I guess we would eventually eat them. But we are a bit far from that right now. Still, some sparse data is streaming into data centers today, and it would be in our best interest to figure out how to adequately administer it while it s still manageable. --- John Breeden EXPLAINER It's called 'sparse data,' and could be a big deal Source: nCircle What is your biggest security concern for 2012? 29% Meeting security compliance requirements Source: nCircle 20% Cloud computing 17% Advanced persistent threats 14% Mobile devices and BYOD 1% VOIP vulnerabilities 2% Social media 8% Web application vulnerabilities 9% Securing virtualized infrastructures