Government Information Security Podcast

FISMA has been somewhat maligned this year as a paper-pushing law that prompts chief information security officers to file the right documents rather than truly secure the IT their charged to safeguard. But Gil Vega sees a lot of good in the seven-year-old Federal Information Security Management Act. The CISO at the Department of Homeland Security agency known as ICE - Immigration and Customs Enforcement - credits FISMA with getting secretaries and agency heads to recognize the importance of regularly monitoring IT security. Still, Vega says the time is right for a new law that requires the continuous monitoring of IT systems for potential threats. Vega, in an interview with GovInfoSecurity, shares his thoughts on how FISMA should be reformed as well as the actions ICE is taking in anticipation of FISMA reform to implement continuous monitoring of the agency's information assets. He also discusses the steps ICE takes in recruiting IT securing personnel and the need to find more technically skilled staffers. Vega spoke with Eric Chabrow, GovInfoSecurity.com managing editor.

Cybersecurity is the buzzword these days, and in terms of education ... Carnegie Mellon University is all over it, and has been for nearly a decade. In an exclusive interview, Pradeep Khosla, dean of the College of Engineering at Carnegie Mellon, discusses: The school's current cybersecurity programs; Hot career opportunities for graduates; Advice for those looking to start or jump-start a cybersecurity career. Khosla is currently Dean of the College of Engineering and the Philip and Marsha Dowd University Professor at Carnegie Mellon. His previous positions include: Founding Director, Carnegie Mellon CyLab; Head, Department of Electrical and Computer Engineering; Director, Information Networking Institute; Founding Director, Institute for Complex Engineered Systems (ICES); and Program Manager, Defense Advanced Research Projects Agency (DARPA), where he managed a $50M portfolio of programs in real-time systems, internet enabled software infrastructure, intelligent systems, and distributed systems.

Cybersecurity is the buzzword these days, and in terms of education ... Carnegie Mellon University is all over it, and has been for nearly a decade. In an exclusive interview, Pradeep Khosla, dean of the College of Engineering at Carnegie Mellon, discusses: The school's current cybersecurity programs; Hot career opportunities for graduates; Advice for those looking to start or jump-start a cybersecurity career. Khosla is currently Dean of the College of Engineering and the Philip and Marsha Dowd University Professor at Carnegie Mellon. His previous positions include: Founding Director, Carnegie Mellon CyLab; Head, Department of Electrical and Computer Engineering; Director, Information Networking Institute; Founding Director, Institute for Complex Engineered Systems (ICES); and Program Manager, Defense Advanced Research Projects Agency (DARPA), where he managed a $50M portfolio of programs in real-time systems, internet enabled software infrastructure, intelligent systems, and distributed systems.

Rhode Island's information security staff consists of two people - the chief information security officer and the deputy CISO - which shouldn't be surprising considering the state is the smallest one in the nation, at least geographically. But size can be deceiving. In reality, many of the IT specialists working in the various agencies also have been charged with securing the state's IT assets. In an interview with GovInfoSecurity.com, CIO Jack Landers and CISO Ernie Quaglieri discuss how cybersecurity is integrated into the state IT operation. They also discuss their working relationship as well as how a recent move to centralize IT functions in state government is proving beneficial. Landers and Quaglieri spoke with Eric Chabrow, managing editor of GovInfoSecurity.com.

Rhode Island's information security staff consists of two people - the chief information security officer and the deputy CISO - which shouldn't be surprising considering the state is the smallest one in the nation, at least geographically. But size can be deceiving. In reality, many of the IT specialists working in the various agencies also have been charged with securing the state's IT assets. In an interview with GovInfoSecurity.com, CIO Jack Landers and CISO Ernie Quaglieri discuss how cybersecurity is integrated into the state IT operation. They also discuss their working relationship as well as how a recent move to centralize IT functions in state government is proving beneficial. Landers and Quaglieri spoke with Eric Chabrow, managing editor of GovInfoSecurity.com.

Identity theft is a growing concern for governments, businesses and citizens alike. "We're in the middle of a national identity crisis," says Neville Pattinson, VP of Government Affairs & Standards, NA., Gemalto. In an exclusive interview, Pattinson discusses: The case for credentialing; Practical applications of credentialing in the government and healthcare industries - and how other industries can benefit; Good first steps toward secure, effective solutions. Pattinson is a leading expert on smart cards and using the microprocessor chip to keep identity credential data and biometrics secure and private. Pattinson has been heavily involved in planning and implementing a number of federal government security initiatives including the Department of Defense Common Access Card (CAC); the State Department's electronic passport; the Western Hemisphere Travel Initiative cards; the Department of Transportation's Transportation Worker Identity Credential (TWIC) and the Transportation Security Administration's Registered Traveler program. Pattinson works closely with the General Services Administration, Treasury, Homeland Security, Veterans Affairs and NASA, which all have smart ID programs underway.

Identity theft is a growing concern for governments, businesses and citizens alike. "We're in the middle of a national identity crisis," says Neville Pattinson, VP of Government Affairs & Standards, NA., Gemalto. In an exclusive interview, Pattinson discusses: The case for credentialing; Practical applications of credentialing in the government and healthcare industries - and how other industries can benefit; Good first steps toward secure, effective solutions. Pattinson is a leading expert on smart cards and using the microprocessor chip to keep identity credential data and biometrics secure and private. Pattinson has been heavily involved in planning and implementing a number of federal government security initiatives including the Department of Defense Common Access Card (CAC); the State Department's electronic passport; the Western Hemisphere Travel Initiative cards; the Department of Transportation's Transportation Worker Identity Credential (TWIC) and the Transportation Security Administration's Registered Traveler program. Pattinson works closely with the General Services Administration, Treasury, Homeland Security, Veterans Affairs and NASA, which all have smart ID programs underway.

Interview with Prof. N. Paul Schembari, East Stroudsburg University Information security - it's now a major national priority, and it's also the subject of a new Master's of Science program at East Stroudsburg University. This unique, online graduate program debuts on Aug. 31, and in an exclusive interview ESU professor N. Paul Schembari discusses: The program's unique characteristics; Educational and career opportunities for prospective students; How to quickly take steps toward enrollment.

Interview with Prof. N. Paul Schembari, East Stroudsburg University Information security - it's now a major national priority, and it's also the subject of a new Master's of Science program at East Stroudsburg University. This unique, online graduate program debuts on Aug. 31, and in an exclusive interview ESU professor N. Paul Schembari discusses: The program's unique characteristics; Educational and career opportunities for prospective students; How to quickly take steps toward enrollment.

Interview of Will Pelgrin, New York State Director of Cybersecurity and Critical Infrastructure Money's tight everywhere in this recession, and New York State - like other governments - need to be innovative in how to secure its information assets. For Will Pelgrin, the director of the state Office of Cybersecurity and Critical Infrastructure Coordination, that means keeping key executive branch officials - from the governor on down - and lawmakers informed about the threats to the state's information systems is key in getting the needed backing to support his efforts. Such briefings are crucial, Pelgrin says, because those who control state coffers don't perceive cyber threats as IT professionals do. Not only briefing them, but putting cybersecurity in a context they understand - i.e.: if you don't have a break-in, you don't remove your locks - is critical. In the second of a two-part interview with GovInfoSecurity.com, Pelgrin discusses the need to make new technologies such as social networks secure for state employees because of the potential benefits they offer. In the first part, Pelgrin discussed the synergy between safeguarding IT and physical infrastructures and the need for government and business to work together to ensure cybersecurity. Pelgrin was interviewed by Eric Chabrow, managing editor of GovInfoSecurity.com

Interview of Will Pelgrin, New York State Director of Cybersecurity and Critical Infrastructure Money's tight everywhere in this recession, and New York State - like other governments - need to be innovative in how to secure its information assets. For Will Pelgrin, the director of the state Office of Cybersecurity and Critical Infrastructure Coordination, that means keeping key executive branch officials - from the governor on down - and lawmakers informed about the threats to the state's information systems is key in getting the needed backing to support his efforts. Such briefings are crucial, Pelgrin says, because those who control state coffers don't perceive cyber threats as IT professionals do. Not only briefing them, but putting cybersecurity in a context they understand - i.e.: if you don't have a break-in, you don't remove your locks - is critical. In the second of a two-part interview with GovInfoSecurity.com, Pelgrin discusses the need to make new technologies such as social networks secure for state employees because of the potential benefits they offer. In the first part, Pelgrin discussed the synergy between safeguarding IT and physical infrastructures and the need for government and business to work together to ensure cybersecurity. Pelgrin was interviewed by Eric Chabrow, managing editor of GovInfoSecurity.com

Interview of Will Pelgrin, New York State Director of Cybersecurity and Critical Infrastructure Coordination Will Pelgrin is a CISOs CISO. Minnesota Chief Information Security Officer Chris Buse describes Pelgrin - director of New York State's Office of Cybersecurity and Critical Infrastructure Coordination - as "cool testament" to the type of leaders emanating out of state government. Pelgrin chairs the Multi-State Information Sharing and Analysis Center - MS ISAC - a 50-state consortium that collects information on cyber threats to government and critical infrastructure IT shares that information among the states and local governments. He also served as a member on the Commission on Cybersecurity for the 44th Presidency. In New York, he heads the New York State Public/Private Sector Cybersecurity Workgroup that consists of representatives from federal, state and local governments, academia and business and ensures cyber readiness in the state. In the first of a two-part interview with GovInfoSecurity.com, Pelgrin discusses the synergy between safeguarding IT and physical infrastructures and the need for government and business to work together to ensure cybersecurity. In part 2 of the interview, Pelgrin addresses the impact of the recession on government cybersecurity spending and how best to employ social networks securely. Pelgrin was interviewed by Eric Chabrow, managing editor of GovInfoSecurity.com.

Interview of Will Pelgrin, New York State Director of Cybersecurity and Critical Infrastructure Coordination Will Pelgrin is a CISOs CISO. Minnesota Chief Information Security Officer Chris Buse describes Pelgrin - director of New York State's Office of Cybersecurity and Critical Infrastructure Coordination - as "cool testament" to the type of leaders emanating out of state government. Pelgrin chairs the Multi-State Information Sharing and Analysis Center - MS ISAC - a 50-state consortium that collects information on cyber threats to government and critical infrastructure IT shares that information among the states and local governments. He also served as a member on the Commission on Cybersecurity for the 44th Presidency. In New York, he heads the New York State Public/Private Sector Cybersecurity Workgroup that consists of representatives from federal, state and local governments, academia and business and ensures cyber readiness in the state. In the first of a two-part interview with GovInfoSecurity.com, Pelgrin discusses the synergy between safeguarding IT and physical infrastructures and the need for government and business to work together to ensure cybersecurity. In part 2 of the interview, Pelgrin addresses the impact of the recession on government cybersecurity spending and how best to employ social networks securely. Pelgrin was interviewed by Eric Chabrow, managing editor of GovInfoSecurity.com.

Larry Kettlewell is Kansas' chief information security officer, but has no direct authority over individual state agencies' implementation of IT security. But Kettlewell isn't without influence. He chairs the state IT Security Council and heads the Department of Information Services and Communication's Enterprise Security Office, which coordinates incident response and oversees the state's IT infrastructure as it relates to security. In an interview with GovInfoSecurity.com, Kettlewell discusses: Kansas' uncommon approach to IT security governance; Major obstacles the state faces in securing IT; How cybersecurity policy being developed in Washington will have an impact on states; and Challenges in recruiting an IT security workforce. Eric Chabrow, GovInfoSecurity managing editor, interview Kettlewell.

Larry Kettlewell is Kansas' chief information security officer, but has no direct authority over individual state agencies' implementation of IT security. But Kettlewell isn't without influence. He chairs the state IT Security Council and heads the Department of Information Services and Communication's Enterprise Security Office, which coordinates incident response and oversees the state's IT infrastructure as it relates to security. In an interview with GovInfoSecurity.com, Kettlewell discusses: Kansas' uncommon approach to IT security governance; Major obstacles the state faces in securing IT; How cybersecurity policy being developed in Washington will have an impact on states; and Challenges in recruiting an IT security workforce. Eric Chabrow, GovInfoSecurity managing editor, interview Kettlewell.