Energy security policy drafted

The Energy Department has finished drafting its comprehensive cybersecurity policy, a top official said.

The policy, signed by Energy Secretary Spencer Abraham, is in line with the Federal Information Security Management Act (FISMA) of 2002, said department chief information officer Karen Evans, speaking today at an executive breakfast hosted by Federal Sources Inc. and the Information Technology Association of America.

FISMA, passed in December 2002 as part of the E-Government Act, updates the Government Information Security Reform Act (GISRA) of 2000, which expired Nov. 29, 2002. GISRA combined many federal security policies into one law.

"We view cybersecurity as a battle for supremacy," Evans said. "The process is a continuous improvement process."

As part of its strategy, the department has launched a massive effort to certify and accredit all its unclassified systems, she said.

Providing information technology security awareness training to employees is another key component, she said.

This summer, Energy officials hope to award a contract for the deployment of enterprise licenses across the department.


  • Government Innovation Awards
    Government Innovation Awards -

    Congratulations to the 2021 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Acquisition
    Shutterstock ID 169474442 By Maxx-Studio

    The growing importance of GWACs

    One of the government's most popular methods for buying emerging technologies and critical IT services faces significant challenges in an ever-changing marketplace

Stay Connected