cyber

On Monday, at an event with the Secretaries of State, Commerce, Homeland Security, the Attorney General, and the Deputy Secretary of Defense, the Obama Administration released its international strategy for cyberspace.  The strategy, described in a post from White House Cyber Coordinator Howard Schmidt, for the first time outlines a number of principles that the US will follow i

No longer can security programs rely on “if it’s not broke, don’t fix it” — adversaries could already be inside systems, stealing data or probing to get in.  Too many CIOs and CISOs have thought their systems and data were secure when in fact the opposite was true.   Security programs need effective protection of valuable information and systems to prevent data breaches, and to comply with the ever increasing federal compliance requirements (such as the Federal Information Security Management Act (FISMA), the Privacy Act, policy and guidance from the Office of Management and Budget (OMB) an

Blog Co-Author:  Christopher Ballister

Federal Chief Information Officers, like their private sector CIO counterparts, lead the integration of information technology and organizational strategy.  CIOs must balance the daily needs of operational IT across their enterprise with how IT can contribute to longer term mission goals, while at the same time overseeing policy and resources for IT in a challenging fiscal environment.  U.S.

Below are ideas that I shared on this topic yesterday as part of a panel discussion with the White House’s Commission on Enhancing National Cybersecurity.

Background 

The policy framework that governs Federal IT with respect to cybersecurity has many pieces. Major laws include:

Co-Author:  Christopher Ballister, Security & Privacy, IBM

John Kamensky

Warner Letter re: DATA Act. Federal News Radio reports: “Sen. Mark Warner (D-Va.) sent letters to 24 chief financial officer agencies on Friday, urging leadership to “prioritize efforts” to comply with the Digital Accountability and Transparency (DATA) Act. . . . Warner, an original backer of the DATA Act, asked five questions to agency leaders about their progress toward the May 2017 implementation deadline.”

John Kamensky

Restored Faith.  FedScoop reports on comments by Cong. Gerry Connelly at a conference, noting: “With agencies now required to report their spending data in compliance with the Digital Accountability and Transparency Act, it’s a chance for the federal government to earn some trust from the American people.”

The IBM Center recently partnered with the National Institute for Standards and Technology (NIST) and George Washington University Center for Cyber and Homeland Security to convene a set of interactive discussions among Chief Information Security Officers (CISOs) and other security executives in government and industry.  The meeting highlighted challenges and opportunities for action.