Buzz of the Week: Re-prioritizing security

Security is always important, but there is also security’s dirty secret: It generally becomes a priority only after a security incident.

There are many reasons for that. One is that the job of security is never done. There is always more to do. Another is that security is often seen as a hindrance to getting one’s job done. Yet most people understand that in our increasingly interconnected and networked world, security must be one of our priority concerns.

For the past few years, security has been locked into that important-but-not-top-priority status. Yet throughout 2007, security seems to have been climbing on the priority list.

For months, there have been talks about creating a governmentwide standard desktop PC configuration. The purpose is ensuring basic PC security.

Then, too, there are the ongoing initiatives for Homeland Security Presidential Directive 12 and IPv6.

But in recent weeks, the Bush administration has asked Congress to immediately move $152 million into cybersecurity programs for fiscal 2008. Late last month, the administration also promoted Marie O’Neill Sciarrone to special assistant to the president for homeland security and senior director of cybersecurity and information-sharing policy.

And, in recent weeks, the Office of Management and Budget has been talking about the Trusted Internet Connections initiative, a move to reduce the number of government connections to the Internet.

Agencies’ mandatory use of the Homeland Security Department’s Einstein program, which Federal Computer Week profiled in May,would be part of that plan.

Einstein gives agencies the ability to monitor their Internet gateways in real time and helps them react more quickly to security incidents.

Recently, we have also seen renewed efforts to focus on critical infrastructures. The Federal Energy Regulatory Commission last week proposed requiring energy companies to provide much more detailed reports on the security of their systems and on their mitigation efforts.

After all, everyone needs power to get their job done.

So is security becoming priority No. 1? Probably not.

The top slot will always be reserved for getting the job done, but we can only hope that, increasingly, people are understanding that security is mission-critical  

The Buzz Contenders

#2 Resolution continuing
Through a cloud of White House and congressional bickering, agency officials briefly saw a gleam of sunlight: They would have the funding to operate at least one more week.

President Bush and Congress amended a continuing resolution Dec. 13, hours before the stream of federal funding dried up.

Bickering between the White House and Congress has stalled the budget process.

With 11 remaining appropriations bills and little time before Congress goes home for a break, lawmakers last week pondered an omnibus spending bill so the government would have a fiscal 2008 budget, but the White House jumped in with more threats.

# 3 Avoid name dropping
A quick reminder: Dropping the name of your favorite brand into a contract solicitation is OK, provided you describe the brand’s general characteristics so another company can understand what you need.

It’s a procurement rule that agencies often ignore, which presents a challenge for acquisition leaders responsible for ensuring fairness in federal contracting.

Inappropriate use of brand names, such as Cisco Systems or Packeteer, can delay contract awards. Apparently, that’s what has stalled the Homeland Security Department’s award of a task order for creating OneNet for handling sensitive but unclassified data.

# 4 Do we need another chief to manage?
Sens. Daniel Akaka (D-Hawaii) and George Voinovich (R-Ohio) reiterated their desire to create chief management officer positions in federal agencies.

Without CMOs, Akaka said, agencies will continue to have difficulty sustaining strategic planning and workforce and business transformation changes from one administration to the next.

The counterargument came from Clay Johnson, deputy director of management at the Office of Management and Budget. CMOs? Not necessary, he said, because that’s the job of Senior Executive Service employees.