DOE sets security course

[mea culpa <jericho () DIMENSIONAL COM>]

From: "Prosser, Mike" <mike.prosser () L-3Security com>

[Hummm,  wonder what ever became of all the awareness training that was
 given, policies that were in place, and initiatives that existed for all
 the previous years?  Seem to remember a whole bunch of that from a
 previous life. This article makes it sound like this is a new concept in
 security! -mike]

September 27, 1999
DOE sets security course
CIO John Gilligan will spearhead the effort.
Department will allot $80 million to bolstering data controls
By Frank Tiboni
GCN Staff

The Energy Department will spend $80 million over the next two years to
create a security net for its systems, chief information officer John
Gilligan said of the cybersecurity plan he will roll out departmentwide
next month.

The four-point plan calls for sweeping changes in how the department
protects its data re-sources, Gilligan said. He said the plan's four areas
address policy, personnel, operational and technical requirements. He
submitted the plan to Energy senior management late last month and got the
green light to begin work immediately.

To make sure that new security initiatives take hold beyond department
headquarters, Gilligan has asked field sites to designate CIOs or
equivalent officials as lead security officers.

The obvious first step is awareness, Gilligan said, so a major component
of the plan is training and education. The department will begin a
two-year, $2 million multimedia program right away, he said.

Secretary Bill Richardson initiated several security re-forms in the wake
of the Los Alamos espionage scandal, including giving computer security
oversight to Gilligan [GCN, May 24, Page 1].

A central component of Richardson's reform package directs Gilligan to
improve the security of information that is stored, processed or
transmitted by Energy systems.

[snip..]

ISN is sponsored by Security-Focus.COM