Submitted by TFryer on Tue, 01/23/2018 - 23:01
In the face of ever-increasing cybersecurity risks, significant attention is being paid toward improving preparedness and response of agencies, vulnerabilities and threats. throughout the public sector.
Submitted by TFryer on Tue, 01/23/2018 - 18:08
Increased connectivity has transformed and improved access to government – citizens today can connect with government agencies and leaders in ways that were unimaginable just a few years ago.
Submitted by TFryer on Tue, 01/23/2018 - 17:44
Understanding the link between cybersecurity, physical assets and economic growth can help the government design an approach that provides both IT and economic security. A cyber incident can have physical impacts, while a physical incident can have cyber implications -- and both are likely to come with economic costs.
To foster a climate in which cyber and physical assets foster economic vitality, both risks must be addressed and technology must be seen as a key player in economic development.
Submitted by TFryer on Mon, 01/22/2018 - 20:42
This report is the product of a group of experts, which was convened by the Department of Computer Science at the Indiana University of Pennsylvania (IUP). IUP brought together an interdisciplinary panel of experts in national security, international relations, foreign policy, information system network and security, public policy, and computer science. These experts participated in two collaborative roundtable meetings during the first six months of 2014. The report presents results from the roundtable discussions, as well as other research conducted by the author.
Submitted by sfreidus on Wed, 12/27/2017 - 13:14
Today, more than ever, with the increasing number of cybersecurity attacks on government organizations and threats of data breaches to the privacy of government officials and their staffs, and government contractor staffs, strong IT Governance based on sound IT risk management is critical to restoring confidence in the security and privacy protections provided by our Federal Government. This is no longer purely an IT technology issue but an issue that must be addressed at the top layers of government – from the “overseers” of IT policy (e.g., Office of Management and Budget (OMB), National
Submitted by sfreidus on Wed, 12/27/2017 - 12:36
As previously discussed, all Federal departments/agencies were charged with establishing an IT Governance program per OMB Memorandum M-09-02.
Submitted by sfreidus on Wed, 12/27/2017 - 11:14
To start, guiding principles can ensure that all staff have a common understanding of the core IT Governance criteria. These guiding principles let staff know that IT Governance is recognized by the C-Suite as critical to the organization’s success, and that IT resources result in maximum effectiveness and efficiency across the organization. It ensures that security is integrated in meeting requirements and delivers benefits set by an organization’s business leaders.
Submitted by sfreidus on Wed, 12/27/2017 - 10:00
This consists of a definition of IT Governance communicated throughout the agency, and the establishment of a new organizational structure to ensure the IT Governance Program is effective and continuously improved. Continuing with the Veterans Affairs Department (VA) example discussed in the previous blog, below is the definition VA developed and a generic discussion of the organizational structure that VA adopted.
Submitted by sfreidus on Tue, 12/26/2017 - 17:08
This post is the fourth in a series on how strong IT Governance can help drive effective security across Federal enterprises. See the first installment.