Letter to the editor
This is in response to an FCW.com survey question that asked "What is the primary obstacle to improving information security at federal agencies?"
Education. So much policy has been written and so much guidance has been given, that most managers fully understand they need to get moving. But most have no clue (despite what is available) what to do. They are understandably reluctant to expend scarce funds unwisely. At this point, more policy, rules or legislation would not be helpful.
Name withheld by request