Is it safe to blog about security in government? That may sound like a pretty dumb question coming from a security blog that's been around for over 18 months. And yet, I often get asked that question. Now, Federal Computer Week (FCW) may have settled the question by announcing that "Government enters the blogosphere."

The Multi State Information Sharing & Analysis Center (MS-ISAC) held their annual meeting in Seattle, Washington from April 28-30. Approximately 150 federal, state & local government security leaders participated in the gathering. So what was on the agenda?
The conventional security wisdom is to lock down your endpoints in order to enforce security policy. That approach was thrown out at Google, according to Douglas Merrill, Google Inc.'s Chief Information Officer (CIO). Is this a trend? Should we all be adjusting our strategies?
For years I've heard colleagues proclaim: "You must go to the RSA conference. It is the biggest security conference of them all. It is unlike anything else you'll attend. You must see to believe." They were right, but for different reasons than I originally expected.
On April 9, I participated in an excellent panel at the RSA Conference in San Francisco. The topic was Cyberstorm II, and although participants didn't discuss exercise scenarios or detailed action items, the discussion was interesting and received substantial press coverage. A top message: the importance of planning and communication across traditional and new boundaries.
Every good IT management team is talking about the coming wave of retiring Baby Boomers. Well, I just came across a report that might help. The Partnership for Public Service released an interesting report back in January 2008 entitled: "A Golden Opportunity: Recruiting Baby Boomers into Government."
Last Friday (March 28), I attended the MidWest Regional. No, this wasn't an NCAA Men's Basketball Tournament game in Detroit, but the Cyber Defense Competition at Jackson Community College in Jackson, Michigan. I was encouraged by what I saw.
The conventional wisdom is that government security culture at all levels suffers from a lack of training. But leaving the quality, timeliness and relevance of specific courses aside for a minute, is it possible that the real problem is too much training? Some say yes, but I doubt it.
Everybody seems to be convening cyber summits. Governments from New York to California, organizations from InfraGard to SANS to EDUCAUSE, more and more states and even private businesses are holding various types of cyber security summits. Why? Do they work? Should you add it to your 2008 (or perhaps 2009) agenda? We did in Michigan. Here's why.

