September 29, 2003 Volume 1, Number 4
Speaking of Experts Paller Will Break Down FISMA
Among the many subject-matter experts on the agenda at this year's Federal Information Assurance Conference in College Park, Md. (Oct. 21-23), Alan Paller might be the one whose expertise ranges the widest. The director of research at the SANS Institute has seemingly been an advocate for an activist approach to federal IT security as long as there has been federal IT.
Never one to shy away from the heart of an issue, Paller earlier this year told Congress that American IT interests "are in the middle of an arms race" with hackers, online criminals and other black hats. The ongoing IT war "is one we are going to be fighting for a long time," he told lawmakers.
At FIAC in October, Paller will address the centerpiece legislation guiding agencies, the Federal Information Security Management Act. The 2002 FISMA law gained traction this year when new levels of IT security compliance were achieved by a significant number of agencies by way of the various mechanisms the law enables.
Many of those compliances followed from adoption of better security testing processes encompassed by guidance from groups like the SANS Institute, which aids industry and government organizations like the National Institute of Standards and Technology in developing a variety of IA and IT security practices and standards.
Paller, however, has commented in the recent past on gaps in how compliance programs sometimes operate, and also on the need for government to more energetically enable a security marketplace via its own system requirements and its spending power.
Paller's voice has consistently sounded the nearly anthem-like caution that commercial systems inevitably arrive on the marketplace with known vulnerabilities and that threats must be understood as equally dangerous across the horizon of IT-dependent organizations. His view on where we are today with the implementation of FISMA is sure to provoke a better understanding of where we ought to go.
Paller will address FIAC at 11:15 a.m. on Oct. 22 as part of the "IA Legislation and Policy" program. For more information about attending FIAC, visit http://www.fbcinc.com/fiac/. For more information about the SANS Institute, visit http://www.sans.org.
Alan Paller was interviewed by Public Sector Communications senior editor Robert Green. Contact him at robertgreen@pubsector.net.
Photo courtesy: The EESI