Intel data protection levels to be standardized

The federal government is poised to adopt a common array of data protection levels and criteria by which the secrecy rankings are to be determined, according to Dale Meyerrose, CIO of the Office of the Director of National Intelligence.

The newly standardized security rankings will replace a patchwork of varying methods the Pentagon, the intelligence community and other agencies have adopted for assuring the technical protection of secret data, Meyerrose said today during remarks at an Association for Federal Information Resource Management event.

The AFFIRM audience of federal IT managers and vendor executives clapped when Meyerrose announced that protection levels and criteria would be made uniform across the government.

The new set of protection levels and criteria flow from the intelligence community’s project to reform certification and accreditation methods. That reform process, which has included an unprecedented level of public involvement, soon will generate a total of seven major changes to federal IT security rules, Meyerrose said.

“The particulars of those seven major changes we are still working out, but there are seven major departures from existing security doctrine,” Meyerrose said.

“I’ll give you one of them because we have pretty much already worked it out, although I won’t tip my hand on the solution,” he added.

“As most of you know, if you deal with the intelligence business, there are five protection levels (we call them PLs); if you deal with the DOD business, there are six; if you deal with NIST processes, there are four; [and other agencies have other numbers]. We are all going to use the same criteria and the same number.” At that point, the audience applauded.

“That is one of the seven. There is some controversy about some of the other [six changes]. I am glad of that, because it represents a change that bothers some folks—which means that we are getting some real change on that.”

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.