Re: [ISN] New opportunities for NIST

From: InfoSec News (isnat_private)
Date: Thu Dec 05 2002 - 22:48:55 PST

  • Next message: InfoSec News: "[ISN] Cyber hype"

    Forwarded from: Gregory Hughes <bauiat_private>
    
    I totally agree with this message and feel it is time that we,
    "knowledgeable Americans", get involved in making a difference. I
    suggest that all that are technically savvy and have incredible
    insight into the operational architectures that sustain our national
    security networks, join forces to create a company capable of
    designing and providing secure services to our governments security
    agencies.
    
    Collectively, we have a vested interest in protecting this country and
    all that resides within. If we put our total confidence in assuming
    "Big Brother" is going to protect our interest, we are not being
    realistic in our expectations. The novice technocrat at heart has the
    innate ability to devise a system that interconnects the intelligence
    agencies so that the sharing of critical information is seamless and
    transparent. However, it has been proven that these very agencies are
    not capable of sharing strategic briefings vital to the defense of
    Americans.
    
    It is time that we recreate the way security, communications and
    intelligence sharing is viewed by all. It is time we assert our rights
    as Americans scientist forging alliances to guarantee the health and
    safety of this wonderful country.
    
    Together making a difference.
    
    Semper Fi~
    
    
    ----- Original Message -----
    From: "InfoSec News" <isnat_private>
    To: <isnat_private>
    Sent: Wednesday, December 04, 2002 11:54 PM
    Subject: Re: [ISN] New opportunities for NIST
    
    
    > Forwarded from: matthew patton <pattonmeat_private>
    >
    > > Federal security could improve if the secretary should decide to
    > > make additional NIST guidance and standards mandatory, but such a
    > > decision could also have drawbacks, said Sallie McDonald, assistant
    > > commissioner for information assurance and critical infrastructure
    > > protection at the General Services Administration. "But you don't
    > > get people's cooperation for the right reasons," and involuntary
    > > compliance could lead to agencies just checking off another
    > > requirement box instead of using the guidelines to improve their
    > > security management, she said.
    >
    > Sure enough. But considering how bad most federal systems are, isn't
    > mandatory compliance with a reasonable set of standards better than
    > the tenuous notion that people should improve their security
    > management based on said guidelines? If the IG's of the world were
    > consistently giving agencies B- or better grades I would have no
    > argument. But as I recall, practically everybody is in the D- or F
    > category. It's time IMO to start breaking fingers and bashing heads.
    > Agencies who have national security impacting systems and who know
    > better are playing fast and careless with security. We ought to be
    > sacking a lot of people, gov't and contractor alike.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Fri Dec 06 2002 - 01:24:22 PST