Penetration Testing mailing list archives
RE: Government Compliance
From: "L. Walker" <lwalker () magi net au>
Date: Tue, 21 Jun 2005 08:50:55 +1000
Comments below. On 17 Jun 2005 12:59PM, dentonj () gmail com wrote:
That may or may not be true. The real problem is the lack of control of the budget. Those who've worked for the government know that those who control or can influence the budget have control of what happens. Nothing gets the attention of the decision makers faster then knowing that non-compliance with a new regulation means next years budget might get cut. Until "Information Assurance" (the governments buzz word for computer security) can influence organizations or agencies budgets, the decision makers are only going to pay it lip service.
Is it lack of control with budget, or political pressure to complete projects on-time instead of ensuring maximum quality for the projects deliverables? As many have said, the pressure is on to "pass the buck", so to speak.
The other thing that gets decision makers attention is the possibility of jail time. Mishandling of classified material can quickly land someone in jail. So, classified systems and networks are locked down pretty well. The computers and networks that are connected to the internet do not process classified information. So if someone breaks into a government computer via the internet, it's not going to impact the decision makers.
How so? Leaked and planted memos and e-mails can hurt political careers. Just because it's not classified doesn't mean the data isn't important enough to protect. Especially when [U.S. Govt.] standards (NIST, etc.) define how stringent they should be with their security policies. - L. Walker
Current thread:
- Re: Government Compliance, (continued)
- Re: Government Compliance R. DuFresne (Jun 16)
- AW: Government Compliance Jörg Maaß (Jun 16)
- Government Compliance Security Professional (Jun 16)
- RE: Government Compliance Kasyan, Walter A (Tony) (Jun 16)
- RE: Government Compliance Smith, Michael J. (Jun 16)
- Re: Government Compliance Tim Adams (Jun 16)
- RE: Government Compliance Keith T. Morgan (Jun 16)
- RE: Government Compliance Todd Towles (Jun 16)
- Re: Government Compliance frank_kenisky (Jun 16)
- Re: Government Compliance Jeffrey Denton (Jun 16)
- RE: Government Compliance L. Walker (Jun 20)
- Re: Government Compliance Jeffrey Denton (Jun 16)