GovInfoSecurity's 2nd Annual Quiz

Test your knowledge on happenings in government IT security during 2011, based on articles, blogs and interviews that appeared on GovInfoSecurity over the past year.

See Also: The State of Organizations' Security Posture as of Q1 2018

Link to answers at the end of the quiz.

1. The United States Bureau of Labor Statistics began tracking employment among information security professionals for the first time in 2011. According to its first three quarterly reports, what was the unemployment rate among IT security pros?

2. What percentage of state IT officials surveyed by the National Association of State CIOs responded that the skills most difficult to find and retain were those involving security?

3. The federal government employed the equivalent of how many IT security professionals in 2010, according to an Office of Management and Budget report issued in March?

4. The state of Delaware began to allow employees to use their smartphones and notepads to access state government networks, provided they place seven security controls on their device, including the wiping of all data if they fail to properly login:

5. In 2011, GovInfoSecurity surveyed government IT security practitioners about information security practices at their agencies. What did they see as the greatest threat to their organization's IT systems?

6. Who did our survey respondents see as the greatest threat to their organizations' IT systems?

7. What did our respondents say was their biggest reservation about cloud computing?

8. The Senate Judiciary Committee created a Subcommittee on Privacy, Technology and the Law. Who chairs that panel?

9. As federal chief information officer, Vivek Kundra presented a plan in which one-quarter of federal IT spending would be on cloud computing.

10. Secretary of State Hillary Clinton tapped Chris Painter as the department's first cybersecurity coordinator. What job did Painter hold when he was named for that position?

11. Which service academy in 2011 required all new students to take a cybersecurity course?

12. Personal information of some 3.5 million people was left exposed on a Texas state server for about how long before being detected?

13. What percentage of FBI field agents assigned to national security-related cyber investigations - and interviewed by the Justice Department inspector general - say they lack the networking and counterintelligence expertise to investigate such intrusions?

14. Vance Hitch, who led the Federal CIO Council's information security and identity management committee, retired last year as the then, longest-serving departmental chief information officer. What department did Hitch serve for nine years as CIO?

15. In July, a sophisticated cyberattack shut down Internet and e-mail services at what Energy Department national lab that conducts IT security research?

16. New Federal CIO Steven VanRoekel once worked as a speech and strategy assistant to Apple Computer founder Steve Jobs.

17. Which company that experienced a significant security breach last year hired former Department of Homeland Security cybersecurity leader Philip Reitinger to be its chief information security officer?

18. According to a Government Accountability Office report published in October, CIOs at the 24 largest federal government agencies spent how much of their time on IT security?

19. A GAO auditor told Congress at a hearing in October that security incidents reported by federal agencies have risen by more than how much over the past five years?

20. What was the job Mark Weatherford held immediately before he became the Homeland Security deputy undersecretary for cybersecurity?

21. For the second-year running, the United States remained the most feared nation in cyber?

Match the following quotes with one of the 10 individuals listed.

22. "That is less time than it takes us to prepare a budget and receive Congressional approval for it. This means I get permission to start a project at the same time Steve Jobs is talking on his new iPhone. It's not a fair trade. We have to close this gap. Silicon Valley can help us."

23. "We do not have the capacity to do everything we need to accomplish. To put it bluntly, we are very thin, and a crisis would quickly stress our cyber forces. We cannot afford to allow cyberspace to be a sanctuary where real and potential adversaries can marshal forces and capabilities to use against us and our allies. This is not a hypothetical danger."

24. "Leadership starts with having an honest conversation about what is happening in the United States, affecting our long-term strategic posture. The lack of engagement by the administration and the executive branch is discouraging. ... I worry that if the RSA incident doesn't keep our leadership awake at night, then what will?"

25. "There are things we can do to save some money. And, the last one is to make sure that we're not wasting a billion-and-a-half dollars a year on paperwork exercises that pretend to reflect improvements in our cybersecurity, when they do nothing of the sort.

26. "Unless people really start to really pay attention to the threat and how we need to drive fundamental change, we're in a world that is going get worse from day to day and month to month and year to year. And, we're going to be in a place eventually where your television is going to complain that it's being attacked by your refrigerator and isn't able to operate anymore. None of us wants to live that world."

27. "Just as all cities experience some crime, so too does cyberspace. We cannot eliminate the risk entirely. While it can seem like the dangers posed in cyberspace are magnified because of its inherent openness, we believe that by doing something we call enabling distributed security - making the open nature of the Internet one of its strengths - we can support the enormous potential of cyberspace while creating a secure environment."

28. "During the past 15 years, technological innovation and globalization have proven to be an overwhelming force for good. However, transnational criminal organizations have taken advantage of our increasingly interconnected world to expand their illicit enterprises."

28. "As we start to see the more aggressive use of information technologies - the small mobile devices - security and privacy are becoming even more critical than ever. We wanted to make sure that there was a disciplined and structured approach on how to enforce some of the best practices that have been around for quite some time."

29. "Too often this focus on security has been used as an excuse to prevent the government from adopting the sort of innovative technologies that could better serve and engage the American people. What's true is the inverse: Done the right way, using more nimble, flexible, modern technology enhances security by freeing the government from decaying infrastructure and custom-made applications written in obsolete computer languages even pre-dating the personal computer revolution."

30. "We shouldn't make the false choice between security and innovation. In fact, innovation can make us more secure as long as we build security into everything we do."