CIO Council launches security best practices Web site

CIO Council launches security best practices Web site

MAY 23'The Chief Information Officers Council on Monday introduced a Web site that will contain a database of security best practices documents.

The Web site, at bsp.cio.gov, allows agencies to post security best practices and lets others comment on those practices.

The site has been developed by the CIO Council's Security, Privacy and Critical Infrastructure Protection Committee and by the Agency for International Development.

Hackers are organized into a collaborative community in that they share ideas, and hardware and software weaknesses, said James P. Craft, AID's information systems security officer and chairman of the CIO Council's security practices subcommittee. The goal of the best practices Web site is to bring that same collaborative effort to government security efforts, he said.

The site is part of a CIO Council effort to publicize its security work, said Energy Department CIO John Gilligan. In addition to the best practices site, the council is designing an evaluation tool so agencies can assess their security status.

The project started after Rep. Steve Horn (R-Calif.) suggested grading agencies on their security efforts, similar to the grading that was conducted as agencies made their year 2000 preparations. Gilligan said the goal is to create an evaluation tool so agencies will know how they are being judged. It will also let agencies conduct their own assessment.

The framework will be issued in June, he said.

inside gcn

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group