Return to Article: FEATURES The Forest And the Trees
-
46929
The timing and content of this article could not have been more timely. I was just putting the finishing touches to my agency's Information Systems Management Strategic Plan, when one of my planning team members sent me this article. The story basically reinforced the approach we took to developing a business-driven strategic plan for developing and managing our IT resources more strategically around our core business processes. It was most gratifying to see that we are on the right track. For much of the time, it felt like we were just making up our planning process as we went along-feeling like we were in new territory as we pioneered this new approach. I am very interested in meeting with the CIOs mentioned in the article to see if we overlooked anything in our plan.
-
45888
This article most interesting and insightful. As someone who has visited with numerous government agencies chartered to provide security to their users (i.e. clients), I have often come away from meetings shaking my head in dismay. In far too many circumstances, the "leaders" of these very large organizations are not interested in achieving true information security, but rather on checking off a box that allows them to pass a compliance test.
In the commercial world, this approach would fail miserably: When information is stolen, heads roll. In the government space, where information security is critical on so many levels, no action is taken as long as outdated and useless compliance reports show that the offending organization earned a passing grade in its last review.
In an age where cyber crime is a great threat, Congress needs to legislate that agencies responsible for protecting information are reviewed on their actual results. This kind of action will force bureaucrats to review and deploy products, like RazorThreat's, that are capable of dramatically enhancing the security of government networks. Government agencies should be taking a leadership role for the country in how true security can be achieved, but this will not happen under the current rules.
I applaud shining a light on just how backward the current thinking is on this crucial topic. Keep up the good work.
PROMO RIGHT: EVENTS
UPCOMING WEBINARS
NOVEMBER 18
Speed bumps for Teleworking: What are they and how to avoid them?
DECEMBER 3
Achieve Program Success: Unlock the Management Information in Your Data
DECEMBER 10
Practical Transparency: Applying Exchange Networks for Mission Results
PROMO RIGHT: DIRECTORIES
Post a Comment
To post a comment, you must provide a name and a valid e-mail address. Messages must be limited to 400 words. By using this Service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Government Executive does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.