by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : January 2013
[BrieFing] NEWS ANALYSIS Amid growing concerns about mal- ware threats in the IT supply chain, the Defense Advanced Research Projects Agency is looking for ways to test com- mercial products on a large scale to make sure they're "clean." DARPA has launched the Vetting Commodity IT Software and Firmware (VET) program to nd methods of en- suring that the commercial IT products that the Defense Department buys -- ev- erything from smart phones to routers -- are free of backdoors, malicious code and other potential threats. Supply-chain security has come to the fore recently, with a congressional intelligence panel warning that the Unit- ed States "should view with suspicion" the growth of Chinese telecommunica- tions companies in the U.S. market. A recent report by the Georgia Tech Information Security Center and Geor- gia Tech Research Institute identi ed supply chain threats as serious and hard to detect. Back doors, spyware and other malicious code could theo- retically be designed into products or added by a manufacturer, vendor or integrator. DAR PA's VET program wants to test products before they're installed, which would be a major undertaking. "DOD relies on millions of devices to bring network access and functional- ity to its users," Tim Fraser, DARPA program manager, said in a statement. "Rigorously vetting software and rm- ware in each and every one of them is beyond our present capabilities, and the perception that this problem is simply unapproachable is widespread. The most signi cant output of the VET program will be a set of techniques, tools and demonstrations that will for- ever change this perception." With VET, DARPA wants to develop a three-step process: De ning malice: Given a sample device, how can DOD analysts produce a prioritized checklist of software and rmware components to examine and list broad classes of hidden malicious functionality to rule out? Con rming the absence of malice: How can analysts demonstrate the ab- sence of those broad classes of hidden malicious functionality? Examining equipment at scale: How can the procedure scale to non-spe- cialist technicians who must vet every individual new device used by DOD prior to deployment? • DARPA targets supply-chain threats in hardware, firmware 10 GCN JANUARY 2013 • GCN.COM Agencies not only are dealing with massive amounts of data coming into their systems, they are also being challenged by sorting, ana- lyzing and developing useful information from the data, the storage of which is expanding to an unprecedented scale. So where is it all com- ing from? Big data and full-motion video are propel- ling storage growth in federal agencies, Pierre Bernasconi, a principal consultant at GovWin Consulting, wrote in a recent blog post about GovWin's study of data storage needs. The Defense Department is by far the larg- est spender on a per-agency basis for electronic data storage. The three commands -- Army, Navy and Air Force -- and DOD headquarters accounted for 58.4 percent of all federal spend- ing on electronic data storage. The Health and Human Services Department, the fifth largest department, was the only civilian agency among the top five. Nearly all federal departments are engaged in the $1.02 billion electronic data storage market, but not all of them employ the same storage approach, the study found. Departmental strategies for utilizing electronic data storage are often determined by the sensitivity of their data. For example, Defense and civilian agencies with sensitive personal or national security data generally prefer to keep their data in-house. However, departments such as the IRS and Cen- sus Bureau use contractor-hosted data storage because their cyclical operations make it more cost e ective to pay for actual use rather than to maintain the infrastructure the full year. Increased use of unmanned aerial vehicles in the intelligence community as well as potential integration of UAVs into the national airspace for agriculture monitoring and state and local law enforcement will require significant invest- ments in electronic data storage, the study states. When the study mentions big data, you have to drill down and look at the applications driving data growth, said Mark Weber, president of NetApp's U.S. public sector organization. Specific applications driving big data are cyber- security, packet capture, intelligence, surveil- lance and reconnaissance. "That is where the predominance of data growth will be in the future," Weber said. --- Rutrell Yasin Where does all that agency data come from?