TRENDING:

Burst Stovepipes to Aid in Metrics Creation

NIST Units to Help Develop New Rules for IT Security Compliance. Eric Chabrow (GovInfoSecurity) • March 23, 2009    
Burst Stovepipes to Aid in Metrics Creation
When Congress enacts and President Obama signs legislation to reform the Federal Information Security Act, perhaps as early as this year, the National Institute of Standards and Technology (NIST) will be charged to develop new metrics federal agencies must follow to assure government information systems are secure.

That's what happened with the enactment of FISMA in 2002, but today NIST will be better prepared to use all of its resources to accomplish the assigned task.

The culture at NIST in 2002 wasn't highly collaborative, even among organizations for instance, the Computer Security and Mathematical and Computational Sciences divisions within the Institute's Information Technology Laboratories (ITL). "Seven years ago, we were pretty determinedly stovepiped," Curt Barker, chief of ITL's Computer Security Division, says in an interview with GovInfoSecurity.com.

That's no longer the case. "Like a lot of other organizations, we were stovepiped pretty heavily in the past, and those cylinders of excellence have been effectively burst," Barker says. Now, "there's a great deal of sharing of resources, and frankly, I'm counting on that very heavily for activities such as (developing) metrics."

When time comes to create the new metrics, Computer Security and Mathematical and Computational Sciences will be partners.

Barker credits ITL Director Cita Furlani with felling the barriers among the lab's units. "I would hate to put words in my boss' mouth, but she felt resources weren't being effectively employed as possible," Barker said. "You could end up duplicating skills or having gaps in skills unless you can get the full organization work as unit."

Previous
ManTech Completes DDK Acquisition
Next
Cybersecurity: What it Takes to Make a Career

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.