Coming up in the FCW Security Series
Sept. 29 — Securing Web 2.0
Learn how agencies are assessing and addressing the security issues associated with interactive Web 2.0 tools such as social media, blogs, podcasts and wikis.
Oct. 6 — Mastering managed security services
Find out which cybersecurity systems, operations and compliance procedures agencies are outsourcing most successfully, along with tips for selecting providers and managing performance by contractors.
The cybersecurity initiative launched by the Bush administration earlier this year remains largely cloaked in secrecy, but it’s already clear that it could have a major and far-reaching effect on government IT operations in the future.
Everything from mandated security measures and standard desktop configurations across government to a recast Federal Information Security Management Act (FISMA) could influence the way agencies buy and manage their IT.
Overseeing all of this will be a central office run by the Homeland Security Department, the first time that the government’s efforts in cybersecurity will run through a single office tasked with coordinating the work of separate federal cybersecurity organizations.
“It’s both an effort to better organize existing cybersecurity initiatives as well as to promote a series of new initiatives,” said Amit Yoran, chief executive officer of network security vendor netWitness and a former director of DHS National Cyber Security Division. “I think it is noteworthy that there are a number of new programmatic efforts that haven’t existed before, and that will create new capabilities and functionality.”
There’s still a long way to go, and it will take a huge effort to implement the measures, but Yoran said he thinks some agencies are already starting to appreciate the effect the initiative will have, even if they still don’t have all the details.
The White House issued on Jan. 8 Homeland Security Presidential Directive 23, also known as National Security Presidential Directive 54, the policy that apparently established the cybersecurity initiative. However that wasn’t verified because the document itself was classified.
Some details emerged during the next few months through congressional testimony, lawmakers’ inquiries, and various speeches and presentations, but to date, few specifics have been made public. In April, DHS published a fact sheet about the Comprehensive National Cybersecurity Initiative (CNCI) that listed various measures that were being taken to prevent future attacks on U.S. computer systems, including the expansion of several existing programs and the creation of a National Cybersecurity Center (NCSC), which will serve as the focus for improving federal government network defenses.
Rod Beckstrom, a well-known technology entrepreneur, was appointed the center’s director in March.
Digg
De.licio.us
Slashdot
Technorati
