[ISN] CIO Council folds security panel

From: InfoSec News (isnat_private)
Date: Wed Nov 14 2001 - 07:06:49 PST

  • Next message: InfoSec News: "[ISN] Bug secrecy vs. full disclosure"

    By Diane Frank 
    Nov. 13, 2001
    The Office of Management and Budget and the federal CIO Council have
    decided to disband the council's Security, Privacy and Critical
    Infrastructure Committee to move beyond general issues to the
    "nitty-gritty details," said Mark Forman, OMB's associate director for
    information technology and e-government.
    Such details include making sure agencies have adequate training
    programs, the right people and the proper security architectures in
    place to address governmentwide security vulnerabilities.
    The CIO Council completed a total reorganization last month to better
    focus on e-government issues and eliminated all but three committees.
    Jim Flyzik, vice chairman of the council, said at the time that the
    group had not decided what to do with the security committee. But last
    week, Forman said security and privacy issues will be folded into the
    council's other committees.
    During the past two years, the committee completed a framework to
    assess agencies' security status and assembled a best practices guide
    for security practices. A review of governmentwide security shows that
    having a chief information officer or deputy CIO as a member of the
    committee has not raised the security level at agencies, Forman said.
    Security now will be part of each CIO Council committee's priorities.
    The council has developed a five-page list of things the committees
    need to work on in the security area and ideas on how to handle them,
    Forman said.
    * The workforce committee will look at the issue of security skills
      and awareness.
    * The best practices committee will include studies of security best
    * The architecture committee will work on security standards.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.

    This archive was generated by hypermail 2b30 : Wed Nov 14 2001 - 09:17:27 PST