in

Gourley: Intelligence Community Should Provide Unclassified Cyber Threat Assessments Annually

Gourley: Intelligence Community Should Provide Unclassified Cyber Threat Assessments Annually - top government contractors - best government contracting event
Bob Gourley
Gourley: Intelligence Community Should Provide Unclassified Cyber Threat Assessments Annually - top government contractors - best government contracting event
Bob Gourley

Last week, Sens. Joe Lieberman, Susan Collins and Tom Carper unveiled the Protecting Cyberspace as a National Asset Act of 2010, S.3480. The bill will create a permanent Office of Cyber Policy in the White House and form a give the Department of Homeland Security the power to enforce cyber policy in the government and private sector.

Bob Gourley, CTO of Crucial Point LLC, recently wrote an article with his analysis of the bill. One of the issues Gourley points out is the bill’s provision that the Cyber Coordinator position would be Senate-confirmed, which “will help underscore for the executive branch that this issue should be taken a bit more serious.”

The creation of the National Center for Cybersecurity and Communications (NCCC) within DHS also reinforces that message, according to Gourley. “Tt also empowers an individual and group to do something that no one has been authorized to do before (at least no one under the rank of President),” he writes. “This office will have authority to lead across government.”

For that be effective, Gourley writes that the Department must choose the a capable and intelligence technology leader to head the NCCC. “The nation must choose wisely and put a very smart technology leader in this position,” he writes. “Someone who can enforce the right standards and give direction when required but can back off and let agency IT leaders run things when required and that person must be smart enough to know when and how to decide what to decide about.”

Gourley also praises the movement towards a system of continuous monitoring rather than the current FISMA structure. “Updating FISMA is long overdue,” he writes. “Moving towards real-time monitoring is GREAT!”

Additionally, making NCCC the central coordination point across the federal government is “a solid move.” The proposed effort to create secured supply chains, remove any impediments to sharing information and factoring in the human side of cybersecurity are also important, Gourley writes.

In addition to his praise for the bill, Gourley has one additional piece he would like to see added to the bill.

“I want to suggest that the U.S. Intelligence Community be tasked with providing a detailed yearly cyber intelligence threat assessment  for unclassified dissemination,” he writes. “The IC does a good job of providing some counterintelligence assessments and frequently mentions cyber in open fora like Congressional Testimony, but I believe this issue deserves a focused, NIE-like report dedicated to this topic.  Of course the IC should also be tasked with support to the NCCC.”

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Admin

Lynn: Cyber Attacks Would Harm US, Canada Ties - top government contractors - best government contracting event
Lynn: Cyber Attacks Would Harm US, Canada Ties
Hacker Threatens Biden, Frames Neighbor