NIST chided for computer security efforts

The National Institute of Standards and Technology must make a greater effort to set governmentwide security standards, the Computer System Security and Privacy Advisory Board said Tuesday.

Members of the committee created to supervise the development of non-military computer security charged NIST with failing to safeguard the information of federal government agencies. NIST should be developing security systems that serve as model for the federal government's use of IT, the board said.

NIST, which falls under the jurisdiction of the Commerce Department, "has a legitimate role to dive into the issue and be a champion of it," said board member Joseph Leo, a deputy administrator at the Agriculture Department who has been instrumental in distributing government benefits electronically. "I think NIST should be one of the premier players in the game."

NIST's lack of attention to security is evinced by the lack of any senior officials among the approximately 50 employees of the agency's computer security division, said Rand Corporation security expert Willis Ware, who chairs the 12-member advisory board. Ware said NIST should seek federal appropriations of $10 million, not just its current request of $1 million, for its computer security division.

The failure to replace computer security officials who left for the private sector may be part of the problem, Ware believes.

"Are you maintaining posture or sliding downhill?" Ware asked.

Miles Smid, the acting chief of NIST's Computer Security Division, responded by pointing out that the size of the staff was larger than it had been for some time. But he conceded that the agency could improve on informing other government agencies about its programs.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
FROM OUR SPONSORS
JOIN THE DISCUSSION
Close [ x ] More from GovExec
 
 

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • The Big Data Campaign Trail

    With everyone so focused on security following recent breaches at federal, state and local government and education institutions, there has been little emphasis on the need for better operations. This report breaks down some of the biggest operational challenges in IT management and provides insight into how agencies and leaders can successfully solve some of the biggest lingering government IT issues.

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download
  • Ongoing Efforts in Veterans Health Care Modernization

    This report discusses the current state of veterans health care

    Download

When you download a report, your information may be shared with the underwriters of that document.