Living in the Washington, DC area, we are bombarded with advertisements touting services for the government. These ads include everything from logistic services to basic office services provided by companies that support the physically challenged to technology services. Ads that resonate with me are the ones for “cloud” services that tout being FedRAMP certified.
Continuing the discussion on the state and future of #MyIndustry, the information security industry, I bring you commentary based on the most recent news. UCLA Health may be ranked as one of the best healthcare facilities in the nation, but when it comes to information security, it is as ordinary as any other organization. On July 17…
I originally intended this to be an answer to some of my critics. But after seeing Robert Herjavec’s post asking people to “debate the state — and future — of their industry,” I am going to use this to say that the state of #MyIndustry lacks leadership and is destined for failure.
When an information security analyst performs a risk assessment, the analyst is supposed to look at the full systems architecture in order to determine whether the required confidentiality of the data can be maintained, the integrity of that data can be proven, and the data is made available in a manner consistent with the business requirement. The analysis should also take into account the impact of the availability of the system.
The following is the text of a letter that was sent to Sens. Ben Cardin and Barbara Mikulski. A copy was also sent to Rep. Chris Van Hollen: As I watched the reporting of the interaction between the House Oversight and Reform Committee and OPM Director Katherine Archuleta and OPM CIO Donna Seymour, I realized that no matter how many times government officials are scolded by members of Congress, there will remain no consequences for the OPM’s issues.