Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Government Compliance

from [Jeffrey Denton] Network Security [Permanent Link]
Subject: Re: Government Compliance
Date: Thu, 16 Jun 2005 19:59:11 -0700 
On 16 Jun 2005 19:09:05 -0000, frank_kenisky@psc.uscourts.gov
<frank_kenisky@psc.uscourts.gov> wrote:

. . .


Information Security within the gov is an oximoron.  Most agency CIO's and 
CISO's have about as much knowledge of Information Security as the half a 
sleep rent a cop downstairs checking badges.


That may or may not be true.  The real problem is the lack of control
of the budget.  Those who've worked for the government know that those
who control or can influence the budget have control of what happens. 
Nothing gets the attention of the decision makers faster then knowing
that non-compliance with a new regulation means next years budget
might get cut.  Until "Information Assurance" (the governments buzz
word for computer security) can influence organizations or agencies
budgets, the decision makers are only going to pay it lip service.

The other thing that gets decision makers attention is the possibility
of jail time.  Mishandling of classified material can quickly land
someone in jail.  So, classified systems and networks are locked down
pretty well.  The computers and networks that are connected to the
internet do not process classified information.  So if someone breaks
into a government computer via the internet, it's not going to impact
the decision makers.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Government Compliance, frank_kenisky
Next by Date:  Re: Why Penetration Test?, rmeijer
Previous by Thread:  Re: Government Compliance, frank_kenisky
Next by Thread:  RE: Government Compliance, L. Walker
Indexes:  [Date] [Thread] [Top] [All Lists]