[ISN] DOJ cybersecurity effort aims for Center of Excellence status

InfoSec News isn at c4i.org
Fri Sep 2 06:50:39 EDT 2005


By Rob Thormeyer 
GCN Staff

The Justice Department will attempt to become a Center of Excellence
for the Cybersecurity Line of Business initiative, a senior agency
official said.

Dennis Heretick, DOJ's chief information security officer and director
of the agency's IT security staff, said yesterday at a workshop in
Washington that the department will submit a business case to the
Office of Management and Budget outlining how its Cyber Security Risk
and Assessment and Management program could become a standard for
federal agencies.

Justice launched CSAM to document measures the agency takes to
maintain the security of its IT systems, Heretick said, and he
described it as similar to a Defense Department initiative. Heretick
said Justice implemented "best practices" from the Transportation,
State and Homeland Security departments, as well as the intelligence

Heretick, speaking at an Information Security Report Card Symposium
sponsored by the CIO Council, said the CSAM program also relied
heavily on Justice's Certification and Accreditation client and
TrustedAgent, a data-management program developed by Trusted
Integration Inc. of Alexandria, Va., that streamlines and standardizes
Federal Information Security Management Act information.

"These tools provide online procedures, templates and subject-matter
expert help instructions that allow us to emphasize implementing
security versus spending on documenting security plans," Heretick

The Cybersecurity Line of Business initiative is an effort by OMB to
get a clear understanding of how much money federal agencies are
spending on IT security. DOJ is one of a handful of agencies seeking
to become a Center of Excellence; the other agencies were unknown at
press time.

More information about the ISN mailing list