[ISN] Security group wants ideas

InfoSec News isn at c4i.org
Wed Apr 20 04:13:08 EDT 2005


By Florence Olsen
April 19, 2005 

Federal agencies spent up to $2 billion last year reinventing the 
wheel to make federal information systems more secure, an Office of 
Management and Budget official said this week. That amount was nearly 
a half of the $4.2 billion that federal agencies spent on information 
systems security in fiscal 2004.

Glenn Schlarman, chief of the information policy branch at OMB, said 
an interagency task force representing all federal agencies is 
appealing to industry officials for ideas to help reduce those costs 
and improve information security governmentwide.

"We already know we're going to save a bunch of money," said John 
Sindelar, deputy associate administrator of the Office of 
Governmentwide Policy at the General Services Administration. He and 
Schlarman were among more than a half-dozen federal officials who 
spoke on Monday at an Enterprise Cybersecurity Practioners Day in 
Washington, D.C.

Sindelar is also project executive for the interagency effort to 
improve information systems security by consolidating certain security 
functions and adopting government and industry best practices, 
procedures and policies.

Systems integrators who attended the industry event were asked to 
submit information about approaches they have found to be successful 
in creating large-scale information security programs. Government 
officials also have issued an official request for information about 
information systems security.

Federal officials said they plan to take that information, which must 
be submitted by May 5, and incorporate it into business case documents 
that federal agencies will review and submit in final form with their 
budget requests for fiscal 2007.

OMB requires federal agencies to submit business cases to justify 
their spending on information security. The deadline for submitting 
business cases for consideration during the fiscal 2007 budget 
planning process is September 2005.

Sindelar said governmentwide procurements of information security 
hardware, software and services could begin as early as fiscal 2006 
and would extend to fiscal 2007 and beyond. "We're interested in ideas 
not only for what we procure but also how we procure it," he said.

More information about the ISN mailing list