Topic: Government Policy

I am playing to a certain extent with the word “honesty” here. In the statement “honesty is the best policy” I am making a statement about disposition, and in the second the definition of “honesty” changes. If I were to ask if it were an “ethical” policy, the answer is easy: yes it is.

It seems that just as we move forward in securing our networks, we take two steps back. Or do we?

In 2006, the Office of Management and Budget (OMB) required two-factor authentication and VPN technology through the M-06-16 memo. Departments and Agencies moved quickly to deploy both two-factor authentication as well as VPN technology.

Organizations everywhere have been rapidly adopting the use of social networking tools over the last couple of years and recent data suggests that the use of these tools has exploded exponentially in enterprises during the last six months of 2009. For more on that phenomenon, see this recent story in Government Computer News. During its first year, the Obama Administration has encouraged the adoption of social networking tools by federal government agencies to help increase information sharing, improve collaboration, and foster more transparency in government.

Click to Download/Listen

This week's Speaking of Security podcast features a discussion on the use of social media by the US government. Mischel Kwon, VP of Public Sector Security Solutions for RSA and a former Director for the US Department of Homeland Security is our guest.

Click to Download/Listen

This week's Speaking of Security podcast features an exclusive interview with Mischel Kwon, RSA's new VP of Public Sector Security Solutions for the Professional Services team. Prior to joining RSA, Ms. Kwon served as Director for the US CERT (Computer Emergency Readiness Team) for the Department of Homeland Security.

It's true. Mischel Kwon has resigned from her post of Director of the U.S. CERT at the Department of Homeland Security. A significant loss for the Department will be a major gain for RSA, The Security Division of EMC, as Mischel is a talented, hard working senior security professional with experience in both the public and private sectors. We are delighted to have her join our company as a member of the RSA/EMC team.

The term “software assurance” is often used interchangeably with the term “software security” to refer to the practices of avoiding and detecting unintentional vulnerabilities during the software development process.

I wrote in two blog posts last October that the U.S. government and other nations around the world are focusing more attention on product security and technology supply chain issues. In my blog on October 14, 2008 I stated: “Government buyers nearly everywhere are insisting on more secure products and some level of assurance that the software or hardware that you are selling them is secure.”