Microsoft Federal Chief Technology Officer Susie Adams and Chief Security Officer Bill Billings praise the new Federal Risk and Authorization Management Program that should make cloud computing easier to adopt by government agencies.
It's not just the need to educate federal officials, but the necessity to build trust in cloud computing to get the government to adopt the relatively nascent technology, says Mel Greer, Lockheed Martin's cloud computing chief strategist.
Within days, the State Department can tell which systems have and have not been patched. When State CISO John Streufert learned of the critical problem posed by the Aurora vulnerability, he didn't have to send an e-mail. The process was automated.
"Folks should not be fearful that if they don't have the skill set, they have to go find a new job because it's my responsibility to make sure that ... we are going to retrain them," says Jerry Davis, NASA deputy chief information officer for security.
Though IT California state government is decentralized, there's still critical role for state CISO Mark Weatherford to perform to assure that departments and agencies do what needs to be accomplished to secure digital assets.
The key tenet of the cloud is availability. But, asks the former White House official who led President Obama's Cyberspace Policy Review, where are the other cornerstones of information security: integrity and confidentiality?