The recent GFIRST Conference – a forum for incident response and security teams – covered the gamut of security topics with a surprisingly colorful and entertaining array of session titles. While my session title, “Continuous Monitoring 2.0″ , may have lacked the bedazzle factor of “Hack the database…and other cocktail party tricks”, “Bad Karma Chameleon”, “Welcome to McSecurity, would you like fries with your scan?”, it did capture audience sentiment about the government’s CyberScope initiative and the push for continuous network monitoring.
So what’s causing the angst among federal IT security managers about CyberScope’s current state of play? Keep reading →
Back in February, senators expressed dismay at a multi-million dollar anti-fraud computer system installed by the Centers for Medicare and Medicaid Services. CMS hoped to prevent fraudulent payments, reversing its standard mode of paying, discovering and chasing after money that wrongly went out the door.
In April, the Health Care Fraud Prevention and Enforcement Action Team, or HEAT, from Health and Human Services, made announcements in Chicago. The Attorney General and the HHS secretary highlighted their high-tech war against CMS fraud, and announced a slew of procedural and legal changes. But most of it focused on stronger fraud penalties, prosecutions, and suspensions or debarments of Medicaid contractors. Nothing was said of the $77 million system. Keep reading →