Software group has security framework

Information Security Governance: Toward a Framework for Action

The Business Software Alliance's Information Security Governance Task Force released its security management framework today.

The document, titled "Information Security Governance: Toward a Framework for Action," is meant to help companies comply with federal laws and alleviate increased consumer security concerns. It is modeled after the structure outlined for government agencies in the Federal Information Security Management Act of 2002. The framework breaks down business drivers, roles and responsibilities and metrics for chief executives, business unit heads, program managers and other managerial personnel.

"Information security is not just a technical issue that can be addressed by the CIO," said Bill Conner, chief executive officer, chairman and president of Entrust Inc., and cochairman of the task force. "It is a corporate governance issue that must be addressed by CEOs and boards of directors."

Companies' need for a governance structure is particularly strong right now with a number of federal regulations and laws in place requiring security and privacy measures, according to BSA. These include the Health Insurance Privacy and Accountability Act and the Graham-Leach-Bliley Act, which respectively focus on the health care and financial services industries.

The Bush administration, through the Homeland Security Department's Information Analysis and Infrastructure Protection Directorate, has launched a major push encouraging the private sector to increase its security capabilities. The National Infrastructure Advisory Council will meet next week to discuss industrywide efforts, including guidelines for disclosing vulnerabilities and best practices for sharing and analyzing incident information.

Featured

  • Oversight
    President of the United States of America, Donald J. Trump, attends the 2019 Army Navy Game in Philadelphia, Pa., Dec. 14, 2019. (U.S. Army photo by Sgt. Dana Clarke)

    Trump shakes up official watchdog ranks

    The White House removed an official designated to provide oversight to the $2 trillion rescue and relief fund and nominated a raft of new appointees to handle oversight chores at multiple agencies.

  • Workforce
    coronavirus molecule (creativeneko/Shutterstock.com)

    OMB urges 'maximum telework flexibilities' for DC-area feds

    A Sunday evening memo ahead of a potentially chaotic commute urges agency heads to pivot to telework as much as possible.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.