http://www.fcw.com/article103240-07-17-07-Web By Jason Miller July 17, 2007 The Office of Management and Budget and the Homeland Security Department today explained 10 common mistakes agencies make when securing data and personal information and offered a host of best practices to correct each mistake. In a new paper, Common Risks Impeding the Adequate Protection of Government Information [1], OMB and DHS discuss common problems in areas such as training, contracting and records management. OMB and DHS developed this paper as a part of the Presidents Identity Theft Task Force recommendations. All of the best practices and important resources are interrelated, and they can help agencies address the risks associated with information security and privacy programs, said Karen Evans, OMBs administrator for information technology and e-government. In the paper, OMB and DHS recommend agencies take steps to protect data. These include tailoring training to employees with significant security and privacy responsibilities, incorporating the Federal Acquisition Regulation language into all contracts and agreements and developing a standard operating procedure that describes how to identify and report suspicious activities or incidents. The paper also provides resources from OMB, DHS and the National Institute of Standards and Technology for agencies to refer to when implementing the best practices. [1] http://csrc.nist.gov/pcig/document/Common-Risks-Impeding-Adequate-Protection-Govt-Info.pdf _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Tue Jul 17 2007 - 22:39:08 PDT