A Cab Ride Home: Priceless
The total estimated cost of this month's big blackout: as much as
$6 billion. The price of bottled water during the outage: $15. The cost of being able to get home from New York during the blackout: priceless.
Or so goes the MasterCard commercial if Harris Miller wrote it.
It's a good thing a New York City cabbie thought Miller looked like an upstanding citizen despite his rumpled suit and disheveled appearance after a sleepless night Aug. 14, when the lights went out in the Big Apple.
Like millions of others, the president of the Information Technology Association of America got stuck in New York during the worst blackout in history. He managed to get a steamy hotel room near LaGuardia Airport, and early the next morning, he got a cab to take him to Philadelphia.
With no money in his pocket, Miller convinced the driver that he was good for the $350 fare. When he got to Philadelphia's 30th Street train station, he hit the ATM. Then he got on the train and came back to Washington, D.C., where he took a cab to National Airport to pick up his car and then went to the office wearing the same clothes he had on the night before.
The 'D'oh!' Approach
Clearly, having the White House Web site hacked and defaced is a bad thing. So is having the network penetrated by an attacker, even though the public can't see it.
Really, the security folks in the Executive Office of the President (EOP) can't make any firmer guarantees than those in any other agency. But that excuse
isn't going to fly as worms, viruses and other bugs run through government and private networks worldwide, said Jaime Borrego, director of information assurance in the EOP's Office of the Chief Information Officer, speaking last week at an information security symposium sponsored by Unisys Corp.
"I can't go back to the CIO and say it's OK that we got hit because a whole bunch of other agencies out there did," he said.
Critical Infrastructure Indeed
Meanwhile, the House Select Committee on Homeland Security will hold a series of hearings next month on the implications of the recent blackout and the potential for future ones.
Committee chairman Rep. Christopher Cox (R-Calif.) said the hearings would look into the vulnerability of the nation's power supply and distribution system to attack and the impact on the nation's public health, food and water supply.
"We must determine accurately how vulnerable our power system is to attack and sustained denial, and what steps our government is taking to reduce
that vulnerability and mitigate the potential damage through contingency planning," Cox said.
Security standards aren't really what a hard-core expert would call standards, and everyone accepts that. But that
doesn't stop the experts from getting a little frustrated sometimes.
Scott Paisley, technology director at Internet Security Systems Inc., spent almost 15 years of his career at the National Institute of Standards and Technology. There are times, he admitted last week, when he's helping yet another organization integrate a firewall, intrusion-
detection system and three other security solutions that he thinks fondly of the ability to take a screw bought in one state and use it with a bolt bought clear across the country.
It's nice to have some things you can rely on, he told the audience at the security symposium sponsored by Unisys.
Model Ready to Sashay
The performance reference model for the federal enterprise architecture, which will outline the links between program goals and the metrics for whether or not agencies are achieving those goals, should be released soon as a final document, said Bob Haycock, acting program manager of the Federal Enterprise Architecture Program Management Office.
The reference model is in the "final throes of review" and has already been in agency officials' hands in draft form for the past several weeks, he said Aug. 13 at a Federal Sources Inc. conference for solutions architects.
The program management office, working with the CIO Council's Architecture and Infrastructure Committee, is also developing several tools for officials working on enterprise architectures within their agencies, including a methodology that agencies can follow when developing different components of their enterprise architectures, he said.
Agencies have found the performance reference model helpful and use it a great deal, said Dick Burk, chief architect for the Department of Housing and Urban Development. Officials have found that it helps tremendously to provide a direct link between programs and their performance metrics, said Doug Bourgeois, CIO at the U.S. Patent and Trademark Office.
However, both agreed that the business reference model, which is now in its second version and provides a view of all the overlapping business functions performed throughout government, is not quite as helpful for internal agency use.
"Overall, they're relevant in various degrees," Bourgeois said.
Got a tip? Send it to firstname.lastname@example.org.