Implementation Status of the Enhanced Cybersecurity Services Program (PDF)
Source: U.S. Department of Homeland Security, Office of Inspector General
The National Protection Programs Directorate (NPPD) is primarily responsible for fulfilling the DHS national, nonͲlaw enforcement cybersecurity missions. Within NPPD, the Office of Cybersecurity and Communications is responsible for the implementation of the Enhanced Cybersecurity Services program. Our overall objective was to determine the effectiveness of the Enhanced Cybersecurity Services program to disseminate cyber threat and technical information with the critical infrastructure sectors through commercial service providers.
NPPD has made progress in expanding the Enhanced Cybersecurity Services program. For example, as of May 2014, 40 critical infrastructure entities participate in the program. Additionally, 22 companies have signed memorandums of agreement to join the program. Further, NPPD has established the procedures and guidance required to carry out key tasks and operational aspects of the program, including an inͲdepth security validation and accreditation process. NPPD has also addressed the privacy risk associated with the program by developing a Privacy Impact Assessment. Finally, NPPD has engaged sector-specific agencies and government furnished information providers to expand the program, and has developed program reporting and metric capabilities to monitor the program.
Although NPPD has made progress, the Enhanced Cybersecurity Services program has been slow to expand because of limited outreach and resources. In addition, cyber threat information sharing relies on NPPD’s manual reviews and analysis, which has led to inconsistent cyber threat indicator quality.
Geo-Fence Technology in Delivery Operations (PDF)
Source: U.S. Postal Service, Office of Inspector General
The U.S. Postal Service is developing and pilot testing the Delivery Management System to improve carrier efficiency during street delivery. This system combines Global Positioning System data and other data from various systems to allow supervisors to see “at a glance” the location of each carrier and whether they are ahead of or behind their scheduled delivery time. These scheduled delivery times are based on each routes’ base evaluation and the associated Managed Service Point scan times on each route.
This system will also include geo-fence technology to assist supervisors in monitoring delivery operations. Geo-fence technology is a system based on the concept of virtual geographic zones. Should a carrier deviate from his or her designated geographic zone during street delivery, an alert is sent to the supervisor in an email or text message. The geo-fence component of the pilot program was expected to begin in July 2014. There are seven planned test sites consisting of one delivery unit in each of the seven Postal Service areas of operation.
Our objective was to assess the Postal Service’s efforts to implement geo-fence technology in delivery operations.
What the OIG Found
The Postal Service’s planned use of geo-fence technology in the delivery environment is a proactive way to increase carrier visibility to aid street management.
However, we identified an inaccuracy in the Delivery Management System. Specifically, projected scan times are not adjusted for authorized route deviations when carriers are assigned deliveries on portions of additional routes. This occurs because the Postal Service has not updated the Delivery Management System for these authorized route deviations. Management planned to address this scan variance issue in April 2014; but, as of June 2014, had not finalized the adjustments.
Inaccurate scan variance data may cause supervisors to react to carrier delays that are actually justified based on their daily delivery assignment.
What the OIG Recommended
We recommended the vice president, Product Information, modify the Delivery Management System software to capture adjustments for time and location projections when carriers are assigned deliveries on more than one route prior to nationwide implementation of the Delivery Management System.
Internet of Things Research Study (PDF)
Source: Hewlett Packard (HP)
Suddenly, everything from refrigerators to sprinkler systems are wired and interconnected, and while these devices have made life easier, they’ve also created new attack vectors for hackers. These devices are now collectively called the Internet of Things (IoT). IoT devices are poised to become more pervasive in our lives than mobile phones and will have access to the most sensitive personal data such as social security numbers and banking information. As the number of connected IoT devices constantly increases, security concerns are also exponentially multiplied. A couple of security concerns on a single device such as a mobile phone can quickly turn to 50 or 60 concerns when considering multiple IoT devices in an interconnected home or business. In light of the importance of what IoT devices have access to, it’s important to understand their security risk.
Ofcom has today published research on mobile phone call quality provided by network operators.
Improving mobile quality of service for consumers is a priority area for Ofcom. Today’s research is part of a plan to help support initiatives to improve mobile coverage in the UK, and provide consumers with quality information on mobile reception.
This information is important in helping consumers choose a mobile service that suits their needs. It also helps promote competition between mobile operators on service quality, to benefit consumers. Ofcom will continue to monitor and report on how service quality develops over time.
The report includes research on mobile phone call quality from the consumers’ perspective on mobile handsets; data supplied by EE, O2, Three and Vodafone on the performance of their networks; and consumer research on satisfaction with mobile networks.
Ofcom’s research found that while overall levels of consumer satisfaction with mobile networks are high (76%), this varies by location. Some 78% of people in urban areas were satisfied with their mobile network, compared to 67% in rural parts of the UK and 70% in remote areas.
New Policy Makes It Easier for Community Eligibility Schools to Participate in E-Rate Program
Source: Center on Budget and Policy Priorities
A new Federal Communications Commission (FCC) policy will make it easier for school districts adopting the Community Eligibility Provision — through which they can serve meals at no charge to all students — to apply for discounted telecommunications services and Internet access through the E-rate program. The new E-rate policy streamlines the discount calculation process for community eligibility schools so that they do not face any additional burdens relative to other schools.
The Community Eligibility Provision, a relatively new option within the federal school meal programs, eliminates school meal applications. Schools are eligible to adopt the Community Eligibility Provision based on the share of their students who are low-income, as assessed by other programs. Schools that adopt community eligibility must serve all meals at no charge. Community eligibility has been implemented a few states at a time over the past three years and is available nationwide for the 2014-2015 school year.
Since community eligibility schools do not determine which individual children are eligible for free or reduced-price meals, the E-rate program has developed ways for them to calculate their E-rate discount level. For school years 2011-2012 through 2014-2015, the FCC (which sets E-rate policy) directed community eligibility schools to continue using the share of students approved for free or reduced-price meals in the year prior to implementing community eligibility for purposes of determining their E-rate discount. Schools with 75 percent or more of their students approved for free or reduced-price meals receive a 90 percent discount; most schools that adopt community eligibility likely fall into this category.
Telemarketing Regulation: National and State Do Not Call Registries (PDF)
Source: Congressional Research Service (via Federation of American Scientists)
Today, it is axiomatic that telemarketers in the United States generally are not permitted to place outgoing telemarketing calls to phone numbers on the national do not call list, unless an exception applies. This was not always the case, however. The National Do Not Call Registry was implemented by Congress and by the Federal Trade Commission (FTC) and the Federal Communications Commission (FCC) in response to widespread frustration on the part of citizens with what was perceived to be abusive telemarketing practices. Particularly irritating and invasive were the numerous calls to residences on the part of telemarketers during dinner hours. In an attempt to address these complaints, Congress granted the FTC and the FCC the authority to regulate telemarketing practices. From these initial grants of regulatory authority grew the National Do Not Call Registry.
The development and implementation of the national do not call list was not straightforward. No single law creates the list. Instead, it developed from a combination of statutes and regulations over time, as Congress and the federal agencies tasked with the responsibility of regulating telemarketing developed strategies to better alleviate perceived consumer harm. This report will outline the laws underpinning the national do not call list; describe the regulations implementing the list; answer some of the most frequently asked questions related to the list; and discuss the possible penalties for violating the rules. The report will also briefly discuss some of the ways the various states have implemented their own do not call lists.
Significant Security Deficiencies in NOAA’s Information Systems Create Risks in Its National Critical Mission
Significant Security Deficiencies in NOAA’s Information Systems Create Risks in Its National Critical Mission
Source: U.S Department of Commerce, Office of Inspector General
From Abstract (PDF):
Information systems connected to NESDIS’ critical satellite ground support systems increases the risk of cyber attacks. The Polar-orbiting Operational Environmental Satellites’ (POES’) and Geostationary Operational Environmental Satellites’ (GOES’) mission-critical satellite ground support systems have interconnections with systems where the flow of information is not restricted, which could provide a cyber attacker with access to these critical assets.
NESDIS’ inconsistent implementation of mobile device protections increases the likelihood of a malware infection. In our review of selected Windows components on four NESDIS systems, we found that (a) unauthorized mobile devices had been connected to POES, GOES, and Environmental Satellite Processing Center (ESPC), and (b) GOES and ESPC did not consistently ensure that Microsoft Windows’ AutoRun feature was disabled.
Improvements are needed to provide assurance that independent security control assessments are sufficiently rigorous. We found that 28 of 60 (47 percent) of the independent assessments of security controls have deficiencies and may not have provided NOAA’s authorizing official with an accurate implementation status of the system’s security controls.
The journey to digital business is the key theme of Gartner, Inc.’s “Hype Cycle for Emerging Technologies, 2014.” As the Gartner Hype Cycle celebrates its 20th year, Gartner said that as enterprises set out on the journey to becoming digital businesses, identifying and employing the right technologies at the right time will be critical.
Gartner’s 2014 Hype Cycle Special Report provides strategists and planners with an assessment of the maturity, business benefit and future direction of more than 2,000 technologies, grouped into 119 areas. New Hype Cycles this year include Digital Workplace, Connected Homes, Enterprise Mobile Security, 3D Printing and Smart Machines.
The Hype Cycle for Emerging Technologies report is the longest-running annual Hype Cycle, providing a cross-industry perspective on the technologies and trends that business strategists, chief innovation officers, R&D leaders, entrepreneurs, global market developers and emerging technology teams should consider in developing emerging-technology portfolios.
Free registration required.
The Human-Capital Needs of Tech City, London
Source: Migration Policy Institute
Cities are important sites of entrepreneurship and innovation, especially for the tech industry, and skilled migrants can play critical roles in economic development in high-tech clusters such as London’s Tech City (also known as Silicon Roundabout). In the United Kingdom, an undersupply of skilled native-born developers encourages recruiters to look afield, but visa restrictions make hiring the right workers difficult. Evidence that firms are having trouble making the most of immigration point to a number of areas for policy action, as this report outlines.
A raft of policies were introduced to grow the Tech City cluster, but while the United Kingdom is reforming policies to attract and retain skilled migrant workers and migrant entrepreneurs, getting the design of these programs right has proved especially difficult. Policymakers’ control over cluster development is limited: policies that seek to map clusters and maximize their growth rarely deliver expected benefits. However, policies that are not cluster specific—such as human-capital interventions aimed at improving the international supply of workers through migration or the local supply of workers through skills training—are likely to have indirect effects that help clusters grow.
This report analyzes the importance of human capital to the development of Tech City and sets this discussion in a broader framework linking cities, digital sectors, and highly skilled immigration.
The report is part of a series from MPI’s Transatlantic Council on Migration focused on how policymakers at all levels can work together to help cities and regions get more out of immigration. The reports were commissioned for the Council’s eleventh plenary meeting, “Cities and Regions: Reaping Migration’s Local Dividends.”
Pitfalls and Fraud In Online Advertising Metrics: Are Cheaters Hurting Your Bottom Line? (PDF)
Source: Journal of Advertising Research
How does online advertising become less effective than advertisers expect and less effective than measurements indicate? The current research explores problems that result, in part, from malfeasance by outside perpetrators who overstate their efforts to increase their measured performance. In parallel, similar vulnerabilities result from mistaken analysis of cause and effect-errors that have become more fundamental as advertisers target their advertisements with greater precision. In the paper that follows, the author attempts to identify the circumstances that make advertisers most vulnerable, notes adjusted contract structures that offer some protections, and explores the origins of the problems in participants’ incentives and in legal rules.
The Path to Value in the Cloud
Source: Oxford Economics
Cloud computing is fundamentally altering business processes and changing the way organizations interact with customers, partners, and employees. Yet for all the enthusiasm, many companies lack a clear strategy for migration to the cloud and cannot measure their progress. This briefing paper, built on a national survey of 350 business and technology executives, explores how far along companies are in migrating to the cloud—and the challenges they face along the way.
See also: Cloud: The New Engine of Business
Public Comments on Big Data and Consumer Privacy in the Internet Economy
Source: National Telecommunications & Information Administrataion
Comments (PDFs) from:
American Civil Liberties Union, Center for Digital Democracy, Consumer Action, Consumer Federation of America, Consumer Watchdog, Common Sense Media, Privacy Rights Clearinghouse
Application Developers Alliance
ARTICLE 29 Data Protection Working Party
Solon Barocas, Edward W. Felten, Joanna N. Huey, Joshua A. Kroll, and Arvind Narayanan
Center for Data Innovation
Center for Democracy & Technology
Center for Digital Democracy
Center on Privacy & Technology at Georgetown University Law Center
Center for Urban Science + Progress
Common Sense Media
Computer & Communications Industry Association
Consumer Bankers Association, American Bankers Association
CTIA—The Wireless Association
Direct Marketing Association
Electronic Frontier Foundation
Electronic Transactions Association
Future of Privacy Forum
The Information Accountability Foundation
Information Technology Industry Council
Interactive Advertising Bureau
The Internet Association
Internet Commerce Coalition
Knowledge Ecology International
The Leadership Conference on Civil and Human Rights
The Leadership Conference on Civil and Human Rights, American Civil Liberties Union
Maureen K. Ohlhausen, Commissioner, Federal Trade Commission
Online Trust Alliance
Public Knowledge, Benton Foundation, Center for Digital Democracy, Common Cause, Consumer Federation of America, Consumer Watchdog, Free Press, New America Foundation’s Open Technology Institute, U.S. PIRG, World Privacy Forum
Reed Elsevier Inc.
Jessica Rich, Director, Bureau of Consumer Protection, Federal Trade Commission
Charles B. Solin
Software & Information Industry Association
TechFreedom, International Center for Law and Economics
Technology Policy Institute
U.S. Chamber of Commerce
U.S. Public Policy Council of the Association for Computing Machinery
World Privacy Forum
Intellectual Property Underpinnings of Pharmaceutical Innovation: A Primer
Source: American Action Forum
Companies across the U.S. are meeting health challenges head on by investing in time, talent, and materials. U.S. federal law has long protected these endeavors through the intellectual property (IP) regime. Understanding the process of innovation in both health and medicine requires a basic knowledge of three areas: the legal underpinnings of patent law, the economics of patents, and how the two interact within a company. Today, we cannot forget just how important these laws have been in creating and sustaining the technological sectors, especially those where innovation is especially costly. A basic overview of intellectual property rights (IPR) in innovative industries, particularly in medical treatments, is a beginning point to explore where the regime has gotten things right.
High Demand Means Rising Tech Prices
For more than a decade, computers and computer hardware prices have been falling at a steady pace as input and production costs fall and technology advances. For example, in just the past three years, desktop computer prices have plummeted 23.6%. Hardware production costs have decreased substantially during this period in response to an estimated 1.7% average annual dip in semiconductor prices and the introduction of new industrial technologies, which have automated the manufacturing process and reduced labor requirements. Meanwhile, the rapid rate at which computer hardware products verge toward obsolescence encourages suppliers to pass their savings on to buyers in the interest of retaining market share and offloading outdated models.
Despite steady drops in prices across the board, IBISWorld has identified four computer hardware products—programmable logic controllers, graphics and accelerator cards, intercom systems, and network switches—whose prices are bucking the trend and are actually projected to grow moderately through 2017. Price growth in these markets, which is largely due to expanding demand, means that buyers should consider procuring the relative products as early as possible to avoid future price increases. Additionally, buyers can leverage their awareness and understanding of market dynamics and buying strategies to reduce their exposure to price growth and make better purchasing decisions.
Consumer advisory: Virtual currencies and what you should know about them
Source: Consumer Financial Protection Bureau
You may have heard about virtual currencies like Bitcoin, XRP, and Dogecoin. But what are virtual currencies? What’s this “to the moon!” business on the internet about? And, as a consumer, what risks should you be aware of?
While virtual currencies offer the potential for innovation, a lot of big issues have yet to be resolved – some of which are critical, including:
- Virtual currencies are targets for hackers who have been able to breach sophisticated security systems in order to steal funds
- Virtual currencies can cost consumers more to use than credit cards or even regular cash once you take exchange rate issues into consideration
- Fraudsters are taking advantage of the hype surrounding virtual currencies to cheat people with fake opportunities
- If you trust a company to hold your virtual currencies and something goes wrong, that company may not offer you the kind of help you expect from your bank or debit or credit card provider
The Added Value of EU policy on Mobile telephone roaming charges
Source: European Parliamentary Research Service
International roaming allows a customer of a mobile network operator in one country to obtain telephone services – whether voice, SMS or data – from an operator in another country. The service provider ensures that the consumer remains connected to a mobile network abroad whilst using the same mobile phone handset – or a laptop/tablet in case of data roaming – and the same telephone number as at home.
In the era before the emergence of an EU-level policy to increase competition in telecommunications, the European market in this field was largely dominated by a limited number of traditional players, often public-sector monopolies, and was characterised by a marked lack of regulatory coherence between member states. Telephone networks across Europe were limited to national boundaries, preventing effective competition. The cost of telephone calls was generally high – and mobile-phone roaming charges were especially high, to a degree strikingly unjustified by the actual cost incurred by the service provider. Such charges were, on average, three times as high as those for domestic phone calls.
With the initial liberalisation of the European mobile telecommunications sector in 1998, EU action was taken to increase competition between operators and to promote adoption of common GSM and UMTS standards. A gradual fall in prices followed, and innovative new products and services began to appear. Almost a decade later, in 2007, the EU institutions introduced specific caps on mobile roaming charges for the first time, and since then – in 2009, 2012 and 2013 – they have adopted further revisions, with the aim of cutting such charges further. The EU roaming regime applies in the 28 member states of the Union, together with the three other countries within the European Economic Area (EEA).
Treatment Outcomes in Patients with Internet Addiction: A Clinical Pilot Study on the Effects of a Cognitive-Behavioral Therapy Program
Treatment Outcomes in Patients with Internet Addiction: A Clinical Pilot Study on the Effects of a Cognitive-Behavioral Therapy Program
Source: BioMed Research International
Internet addiction is regarded as a growing health concern in many parts of the world with prevalence rates of 1-2% in Europe and up to 7% in some Asian countries. Clinical research has demonstrated that Internet addiction is accompanied with loss of interests, decreased psychosocial functioning, social retreat, and heightened psychosocial distress. Specialized treatment programs are needed to face this problem that has recently been added to the appendix of the DSM-5. While there are numerous studies assessing clinical characteristics of patients with Internet addiction, the knowledge about the effectiveness of treatment programs is limited. Although a recent meta-analysis indicates that those programs show effects, more clinical studies are needed here. To add knowledge, we conducted a pilot study on the effects of a standardized cognitive-behavioral therapy program for IA. 42 male adults meeting criteria for Internet addiction were enrolled. Their IA-status, psychopathological symptoms, and perceived self-efficacy expectancy were assessed before and after the treatment. The results show that 70.3% of the patients finished the therapy regularly. After treatment symptoms of IA had decreased significantly. Psychopathological symptoms were reduced as well as associated psychosocial problems. The results of this pilot study emphasize findings from the only meta-analysis conducted so far.
The Silicon Valley Wage Premium
Source: Brookings Institution
Software application developers earn large salaries in the United States, $96,260 a year on average. But in metropolitan San Jose they earn $131,270, the highest in the country. There are many partial explanations for this—local cost of living, differences in education levels, experience, and industry—but none of them quite account for it. It turns out that developers living in San Jose have acquired the specific skills most valued by employers.
As the map below shows, there is a huge amount of variation in earnings for software application developers across regional labor markets. In large metropolitan areas like New York, they earn $105,000, but in Louisville, they earn just $72,000.
Transforming Performance Measurement for the 21st Century (PDF)
Source: Urban Institute
During the latter part of the 20th century considerable progress was made in gaining widespread acceptance for performance measurement as an ongoing part of performance management—at all three levels of government and increasingly within private nonprofit organizations. This is a good thing. However, for the most part, the information provided by performance measurement systems has been both shallow and not always as timely as is needed to help managers operate throughout the year.
Major advancements have occurred in the first decade or so of the 21st century that show great potential for enhancing the value of the performance information provided by these management systems. The opportunities for public and private service organizations to provide more timely and substantive information for managers are exploding. Major advances have occurred, and continue to occur, in areas currently being labeled with terms such as “Data Analytics, “Data Visualization,” and “Big Data.” The availability of such tools presents government and private for profit organizations with tremendous opportunities to improve the information provided by their performance measurement systems.
This report provides a number of recommendations for making use of such tools to help speed up the development and use of modern technology. Technology-related problems exist, especially the need to provide user-friendly devices that can enable the manager of the 21st century to download at any time and in any location, from some form of electronic device, information that enables them to drill down into the latest available data. This is data that in the past would have required an excessive amount of time and resources to obtain. And, all of this achieved without requiring more than a basic knowledge of analytical methods.
We hope this report will encourage implementation and use of these great opportunities for performance measurement and performance management in the 21st century.