The Department of Homeland Security will present its report on cybersecurity threats to mobile devices to Congress no later than Dec. 16, the official in charge said Wednesday.
Vincent Sritipan, from the DHS Science & Technology Directorate told a break out session at FedScoop’s Red Hat Government Symposium that the report would be “a pretty big game-changer in the federal space.”
The report, mandated by last year’s cybersecurity law, was produced with input from government scientists at the National Institute of Standards and Technology.
“We partnered with NIST, and used their draft mobile threats catalogue,” Sritipan told CyberScoop after his session.
“We had one-on-one meetings with all the large teleco’s” and issued a Request for Comments from the vendor community, he added, to make sure the report could cover “what are the standards, what are the best practices, what are the mitigations for some of these threats.”
He said the report “looked at all the threats out there to the mobile ecosystem, the defenses and the gaps there may be, legal authorities the department may or may not have when a mobile incident occurs and then next steps —what do we recommend in terms of mobile security for the federal government. ”
He said he expected the report to guide federal R&D efforts in the mobile arena for the next 1-3 years, and to provide a framework for federal officials and even state and local governments “as we implement mobility.”
The report will help federal officials as they “develop mobile strategy and app development,” added Javier Perez, director of product management for Red Hat.
“The key [to mobile security] is execution,” he explained to CyberScoop after the session. “We make it easier to build those apps, integrate with backend systems and use the latest technology.”
Other observers agreed that the report would be a big deal for federal mobility.
“They put a lot of work into it and it will be very useful,” said Tom Suder, president and founder of the Advanced Technology Academic Research Center.