CSEAT will review agencies' security for free

CSEAT will review agencies' security for free

By Susan M. Menke

GCN Staff


JULY 30'The National Institute of Standards and Technology has set up a computer security expert assist team, called CSEAT, to improve agencies' infrastructure protection and share best security practices.

'It was kind of a surprise' to get a budget line item for CSEAT, said its director, Kathy Lyons-Burke. 'We didn't expect Congress to give us the money.'

The first review started in June at the Federal Emergency Management Agency. The process takes about three months. 'We don't give a grade, and we don't break in,' Lyons-Burke said. 'We will apply consistent control objectives and criteria' across agencies and eventually draw an overall comparative picture of federal security policy.

NIST's independent reviews will not duplicate the work of existing computer emergency response teams or of the Federal Computer Incident Response Capability, the National Infrastructure Protection Center or the Critical Infrastructure Assurance Office, Lyons-Burke said. CSEAT will come in only at an agency's request or, for high-risk programs, with a push from the Office of Management and Budget.

Each review will produce high-level findings, a 'sanity check' of how well personnel understand policies, and a report with prioritized recommendations, she said. Although there is no cost to the agency except for providing documentation and a contact, NIST requires agency feedback after 30 days and again after 180 days about which recommendations were followed and why.

Agencies can request a security review by sending e-mail to [email protected]

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected