Time for a new look at security

Federal security certification and accreditation policies don’t reflect modern networked environments and impede new mandates to share intelligence information, according to intelligence community experts who say they plan to streamline their security procedures.

Beginning this summer, the Office of the Director of National Intelligence (ODNI) will collaborate with other federal, business and academic partners to re-engineer certification and accreditation, said Dale Meyerrose, associate director of national intelligence and chief information officer at ODNI. Many aspects of security certification and accreditation, particularly when applied to intelligence systems, date from a pre-network, pre-Internet era, Meyerrose said.

He added that the federal government also needs a strategy for sharing intelligence information. Agencies should think big, start small and grow their information-sharing capabilities quickly, he said. And they should create an information-sharing cycle that every organization follows.

The processes that federal agencies use to meet mandatory security requirements need updating because they simply take too long to complete, said Daniel Kent, director of systems engineering for Cisco Systems’ federal sales organization.

Kent and Meyerrose spoke March 28 in Washington, D.C., as members of a panel organized by the Flyzik Group, Federal News Radio and Trezza Media Group.

The FBI and other organizations struggle with certification and accreditation procedures, said Zalmai Azmi, the FBI’s CIO. The bureau will work with the Justice Department and ODNI to streamline those procedures and develop uniform standards for all departments, Azmi said. Guidance from ODNI will be crucial, he added.

The federal government also needs to make greater progress on sharing intelligence information, the panel members said. Business leaders are frustrated that discussions about sharing information have produced few implementations since the 2001 terrorist attacks, said Greg Baroni, president of Unisys’ Global Public Sector. “I feel like there has been a loss of urgency.”

Azmi said federal classification policies have impeded information sharing. The government should review whether its information is overclassified, he said.

The FBI has reviewed its data and will share some of it with state and local partners through a regional data exchange program that the bureau is developing, he added.

Most security experts agree that information sharing won’t improve unless it becomes a priority. “Determining priorities in this business is something we all have to work at, and I don’t think we’re there yet,” said Carter Morris, director of information sharing and knowledge management at the Homeland Security Department.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group