Public-Private Initiative Focuses on Government IT Security
Public-Private Initiative Focuses on Government IT Security
House Government Reform Committee Chairman Tom Davis (R-Va.) and the Federal Chief Information Officers (CIO) Council announced the creation of the CISO Exchange, a public-private initiative focused on empowering Federal Chief Information Security Officers (CISOs) to improve Federal government Information Technology (IT) security. Chairman Davis and the CIO Council will co-chair the CISO Exchange, respectively represented by Melissa Wojciak, staff director of the Government Reform Committee, and Vance Hitch, CIO for the Department of Justice (DOJ).
“The Federal government’s D+ grade on computer security is just not good enough,” said Chairman Davis. “Meanwhile, the Telos study highlights CISOs’ concerns. While the CISO Exchange will be informal and not something we’re creating in statute, it is conceptually consistent with what I’ve done with the Digital Tech Corps and the proposed Acquisition Workforce Exchange Program – the goal being cross-pollination of ideas and best practices between the private and public sectors. This CISO Exchange is designed to bring together Federal CISOs and industry leaders to move our government to the top of the class in IT security.”
“The CIO Council is committed to closing the security gap in our Federal agencies,” said Vance Hitch, DOJ’s CIO and chair of the Cyber Security & Privacy Committee for the CIO Council. “Each CIO will ask their CISO to attend the CISO Exchange programs. We look forward to working with Chairman Davis, CISOs, and private industry to upgrade our Federal IT security performance.”
The CISO Exchange brings together the Federal CISO community with leading private sector security executives to structure information exchange, education, and cross-pollination of best practices. Specifically, the CISO Exchange will focus on:
*Building CISO community*Framing and facilitating high-value education experiences*Facilitating cross-pollination of best practices*Providing a coherent voice for the Federal CISO community on operational security issues*Enabling public-private sector information exchange on IT security issues
The CISO Exchange will convene quarterly educational meetings, as well as produce an annual report on Federal IT Security priorities and operational issues. The first meeting will take place in May 2005. O’Keeffe & Company, an events and marketing firm, will manage the CISO Exchange.
“The disappointing results on the report cards and the CISO feedback from the Telos study demonstrate that there is a requirement to take a fresh look at the Federal IT security challenge,” said Stephen W.T. O’Keeffe, executive director of the CISO Exchange. “The CISO Exchange, co-chaired by legislative and executive leaders, builds community for CISOs and creates a new public-private partnership to drive true progress.”
The Federal Information Security Management Act (FISMA) of 2002 (Title III of the E-Government Act of 2002) is the primary legislation governing Federal information security. FISMA expanded upon earlier Federal IT security legislation and added particular emphasis to the management dimension of information security in the Federal government. FISMA establishes stronger lines of management responsibility for information security and provides for substantial oversight by the legislative branch. Under FISMA, Federal agencies are required to designate a lead security executive or CISO.
About the CISO Exchange The CISO Exchange is a public-private initiative focused on empowering Federal Chief Information Security Officers (CISOs) to improve Federal government information technology (IT) security. The group provides Federal CISOs with a structured forum for education, information sharing, and collaboration with the private sector IT security community. For more information on the CISO Exchange, please visit http://www.cisoexchange.org
.
