The circuit

A Cab Ride Home: Priceless

The total estimated cost of this month's big blackout: as much as $6 billion. The price of bottled water during the outage: $15. The cost of being able to get home from New York during the blackout: priceless.

Or so goes the MasterCard commercial if Harris Miller wrote it.

It's a good thing a New York City cabbie thought Miller looked like an upstanding citizen despite his rumpled suit and disheveled appearance after a sleepless night Aug. 14, when the lights went out in the Big Apple.

Like millions of others, the president of the Information Technology Association of America got stuck in New York during the worst blackout in history. He managed to get a steamy hotel room near LaGuardia Airport, and early the next morning, he got a cab to take him to Philadelphia.

With no money in his pocket, Miller convinced the driver that he was good for the $350 fare. When he got to Philadelphia's 30th Street train station, he hit the ATM. Then he got on the train and came back to Washington, D.C., where he took a cab to National Airport to pick up his car and then went to the office wearing the same clothes he had on the night before.

The 'D'oh!' Approach

Clearly, having the White House Web site hacked and defaced is a bad thing. So is having the network penetrated by an attacker, even though the public can't see it.

Really, the security folks in the Executive Office of the President (EOP) can't make any firmer guarantees than those in any other agency. But that excuse isn't going to fly as worms, viruses and other bugs run through government and private networks worldwide, said Jaime Borrego, director of information assurance in the EOP's Office of the Chief Information Officer, speaking last week at an information security symposium sponsored by Unisys Corp.

"I can't go back to the CIO and say it's OK that we got hit because a whole bunch of other agencies out there did," he said.

Critical Infrastructure Indeed

Meanwhile, the House Select Committee on Homeland Security will hold a series of hearings next month on the implications of the recent blackout and the potential for future ones.

Committee chairman Rep. Christopher Cox (R-Calif.) said the hearings would look into the vulnerability of the nation's power supply and distribution system to attack and the impact on the nation's public health, food and water supply.

"We must determine accurately how vulnerable our power system is to attack and sustained denial, and what steps our government is taking to reduce that vulnerability and mitigate the potential damage through contingency planning," Cox said.

Nonstandard Standards

Security standards aren't really what a hard-core expert would call standards, and everyone accepts that. But that doesn't stop the experts from getting a little frustrated sometimes.

Scott Paisley, technology director at Internet Security Systems Inc., spent almost 15 years of his career at the National Institute of Standards and Technology. There are times, he admitted last week, when he's helping yet another organization integrate a firewall, intrusion- detection system and three other security solutions that he thinks fondly of the ability to take a screw bought in one state and use it with a bolt bought clear across the country.

It's nice to have some things you can rely on, he told the audience at the security symposium sponsored by Unisys.

Model Ready to Sashay

The performance reference model for the federal enterprise architecture, which will outline the links between program goals and the metrics for whether or not agencies are achieving those goals, should be released soon as a final document, said Bob Haycock, acting program manager of the Federal Enterprise Architecture Program Management Office.

The reference model is in the "final throes of review" and has already been in agency officials' hands in draft form for the past several weeks, he said Aug. 13 at a Federal Sources Inc. conference for solutions architects.

The program management office, working with the CIO Council's Architecture and Infrastructure Committee, is also developing several tools for officials working on enterprise architectures within their agencies, including a methodology that agencies can follow when developing different components of their enterprise architectures, he said.

Agencies have found the performance reference model helpful and use it a great deal, said Dick Burk, chief architect for the Department of Housing and Urban Development. Officials have found that it helps tremendously to provide a direct link between programs and their performance metrics, said Doug Bourgeois, CIO at the U.S. Patent and Trademark Office.

However, both agreed that the business reference model, which is now in its second version and provides a view of all the overlapping business functions performed throughout government, is not quite as helpful for internal agency use.

"Overall, they're relevant in various degrees," Bourgeois said.

Got a tip? Send it to circuit@fcw.com.

About the Author

Connect with the FCW staff on Twitter @FCWnow.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.