From: L. Walker (lwalker@magi.net.au)
Date: Mon Jun 20 2005 - 18:50:55 EDT
Comments below.
On 17 Jun 2005 12:59PM, dentonj@gmail.com wrote:
> That may or may not be true. The real problem is the lack of control
> of the budget. Those who've worked for the government know that those
> who control or can influence the budget have control of what happens.
> Nothing gets the attention of the decision makers faster then knowing
> that non-compliance with a new regulation means next years budget
> might get cut. Until "Information Assurance" (the governments buzz
> word for computer security) can influence organizations or agencies
> budgets, the decision makers are only going to pay it lip service.
Is it lack of control with budget, or political pressure to complete
projects on-time instead of ensuring maximum quality for the projects
deliverables? As many have said, the pressure is on to "pass the buck", so
to speak.
> The other thing that gets decision makers attention is the possibility
> of jail time. Mishandling of classified material can quickly land
> someone in jail. So, classified systems and networks are locked down
> pretty well. The computers and networks that are connected to the
> internet do not process classified information. So if someone breaks
> into a government computer via the internet, it's not going to impact
> the decision makers.
How so? Leaked and planted memos and e-mails can hurt political careers.
Just because it's not classified doesn't mean the data isn't important
enough to protect. Especially when [U.S. Govt.] standards (NIST, etc.)
define how stringent they should be with their security policies.
- L. Walker
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:26 EDT