GovInfoSecurity.com - Information Security News, Regulations, & Education

The Chief Information Officers Council serves as the principal interagency forum for improving practices in the design, modernization, use, sharing, securing and performance of federal government agency and departmental information resources. The chair of the CIO Council is the deputy director for management for the Office of Management and Budget, and the vice chair is elected by the CIO Council from its membership of departmental and agency CIOs. The administrator of OMB's Office of E-Government and Information Technology serves as the Council's director.

The Defense Advanced Research Projects Agency (DARPA) is the central research and development office for the Department of Defense. DARPA's mission is to maintain the technological superiority of the U.S. military and prevent technological surprise from harming our national security. DARPA also creates technological surprises for our adversaries.

The U.S. Government Accountability Office (GAO) is an independent, nonpartisan agency that works for Congress. Often called the "congressional watchdog," GAO investigates how the federal government spends taxpayer dollars. GAO's mission is to support the Congress in meeting its constitutional responsibilities and to help improve the performance and ensure the accountability of the federal government for the benefit of the American people. GAO investigations originate with requests from congressional committees or subcommittees or as mandated by public laws or committee reports.

The National Institute of Standards and Technology (NIST) is a measurement standards laboratory and a non-regulatory agency of the Department of Commerce. The institute's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve quality of life. Its special publications on information security provide agencies and departments with the guidelines the federal government employs to secure federal information technology. (URL: www.nist.gov)

The National Security Agency (NSA) is a cryptologic intelligence agency of the federal government, administered as part of the Department of Defense. The NSA is responsible for the collection and analysis of foreign communications and foreign signals intelligence, which involves a significant amount of cryptanalysis. It is also responsible for protecting U.S. government communications and information systems from similar agencies abroad. NSA has recently been directed to help monitor U.S. federal agency computer networks to protect them against cyber attacks.

The cabinet-level Office of Management and Budget (OMB) is the largest office within the Executive Office of the President and serves as the main channel by which the White House oversees the activities of federal agencies. OMB provides expert advice to senior White House officials on a range of topics relating to federal policy, management, legislative, regulatory, budgetary and information technology/Internet issues. Within OMB is the Office of E-Government and Information Technology, which oversees departmental and agency compliance with IT and information security regulations.

The Offices of Inspectors General (OIG) collectively employ special agents, auditors and other types of investigators to detect and prevent fraud, waste, abuse and mismanagement of federal government programs and operations within their respective agencies or departments. Federal law requires OIG to conduct annual reviews of their agencies' information security programs and report the results to the Office of Management and Budget.

The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation. US-CERT is charged with protecting our nation's Internet infrastructure by coordinating defense against and response to cyber attacks. US-CERT is responsible for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information and coordinating incident response activities.