Government Information Security Podcast

With the Obama administration's focus on cybersecurity, this is a good time to start or move into an information security career. And Regis University in Colorado is one institution offering state-of-the-art education for undergraduates and graduates alike. In an exclusive interview, Daniel Likarish, faculty of the Regis University School of Computer & Info Sciences, discusses: The information security programs at Regis University; The unique types of students enrolled in these programs; Job placement and opportunities in business and government. Regis University, with nearly 16,000 students, comprises Regis College, College for Professional Studies and Rueckert-Hartman College for Health Professions. The University is recognized by U. S. News & World Report as a Top School in the West and is one of 28 Catholic Jesuit colleges and universities throughout the United States. Regis University is located at 3333 Lowell Blvd. at 50th Street in north Denver. In addition to its north Denver Lowell campus, the University has campus locations in Aurora, Colorado Springs, Interlocken at Broomfield, Denver Tech Center, Fort Collins, Longmont and two in Las Vegas, Nevada.

With the Obama administration's focus on cybersecurity, this is a good time to start or move into an information security career. And Regis University in Colorado is one institution offering state-of-the-art education for undergraduates and graduates alike. In an exclusive interview, Daniel Likarish, faculty of the Regis University School of Computer & Info Sciences, discusses: The information security programs at Regis University; The unique types of students enrolled in these programs; Job placement and opportunities in business and government. Regis University, with nearly 16,000 students, comprises Regis College, College for Professional Studies and Rueckert-Hartman College for Health Professions. The University is recognized by U. S. News & World Report as a Top School in the West and is one of 28 Catholic Jesuit colleges and universities throughout the United States. Regis University is located at 3333 Lowell Blvd. at 50th Street in north Denver. In addition to its north Denver Lowell campus, the University has campus locations in Aurora, Colorado Springs, Interlocken at Broomfield, Denver Tech Center, Fort Collins, Longmont and two in Las Vegas, Nevada.

Cybersecurity isn't getting as much publicity in and around Washington as it did a month ago, when speculation was hot about what was in White House adviser Melissa Hathaway famous 60-day review of federal government cybersecurity policy and President Obama announced he intends to name a cybersecurity coordinator. But, as Jim Flyzk says in this interview conducted Friday, June 12, much action is occurring behind the scenes, at government contractors with designs to win an expected increase in the number of federal cybersecurity contracts and along the corridors of the White House and Capitol as officials prepare for a sea change in the way the government addresses information security. One thing is for certain, Flyzk says, cybersecurity is now a crucial topic that won't be ignored. Flyzk, if anything, is as well connected as anyone in Washington's government IT community. He spent 27 years in government, most notably as chief information officer of the Treasury Department and White House IT advisor on homeland security. Today, he heads his own consultancy, The Jim Flyzk Group, and hosts a monthly radio program, The Federal Executive Forum, on a local Washington radio station. Flyzk spoke with Information Security Media Group's Eric Chabrow.

Cybersecurity isn't getting as much publicity in and around Washington as it did a month ago, when speculation was hot about what was in White House adviser Melissa Hathaway famous 60-day review of federal government cybersecurity policy and President Obama announced he intends to name a cybersecurity coordinator. But, as Jim Flyzk says in this interview conducted Friday, June 12, much action is occurring behind the scenes, at government contractors with designs to win an expected increase in the number of federal cybersecurity contracts and along the corridors of the White House and Capitol as officials prepare for a sea change in the way the government addresses information security. One thing is for certain, Flyzk says, cybersecurity is now a crucial topic that won't be ignored. Flyzk, if anything, is as well connected as anyone in Washington's government IT community. He spent 27 years in government, most notably as chief information officer of the Treasury Department and White House IT advisor on homeland security. Today, he heads his own consultancy, The Jim Flyzk Group, and hosts a monthly radio program, The Federal Executive Forum, on a local Washington radio station. Flyzk spoke with Information Security Media Group's Eric Chabrow.

On Thursday, the World Health Organization declared the H1N1 virus to be the first global pandemic in over 40 years. In an exclusive interview, pandemic expert Regina Phelps explains exactly what this means, discussing: How organizations should respond to this announcement; Lessons learned so far from the H1N1 experience; What to expect - and how to respond - in the coming weeks. Phelps is an internationally recognized expert in the field of emergency management and continuity planning. With over 26 years of experience, she has provided consultation and educational speaking services to clients in four continents. She is founder of Emergency Management & Safety Solutions, a consulting company specializing in emergency management, continuity planning and safety.

On Thursday, the World Health Organization declared the H1N1 virus to be the first global pandemic in over 40 years. In an exclusive interview, pandemic expert Regina Phelps explains exactly what this means, discussing: How organizations should respond to this announcement; Lessons learned so far from the H1N1 experience; What to expect - and how to respond - in the coming weeks. Phelps is an internationally recognized expert in the field of emergency management and continuity planning. With over 26 years of experience, she has provided consultation and educational speaking services to clients in four continents. She is founder of Emergency Management & Safety Solutions, a consulting company specializing in emergency management, continuity planning and safety.

After nearly seven years as Michigan chief information security office, Dan Lohrmann got promoted earlier this year to the post of state chief technology officer. But despite new responsibilities, Lohrmann remains a key knowledge center on how Michigan handles information security. Lohrmann, in an interview, says preventing data loss is among the biggest IT security challenges the state faces. Speaking with Information Security Media Group's Eric Chabrow, Lohrmann compares how the state governs cybersecurity with that of the federal government, and in many respects, it's not much different. Michigan relies on the Federal Information Security Management Act and guidance from the National Institute of Standards and Technology to keep state IT safe. One advantage, Lohrmann concedes, the state has over its federal counterparts: Michigan isn't graded on compliance by the Office of Management and Budget.

After nearly seven years as Michigan chief information security office, Dan Lohrmann got promoted earlier this year to the post of state chief technology officer. But despite new responsibilities, Lohrmann remains a key knowledge center on how Michigan handles information security. Lohrmann, in an interview, says preventing data loss is among the biggest IT security challenges the state faces. Speaking with Information Security Media Group's Eric Chabrow, Lohrmann compares how the state governs cybersecurity with that of the federal government, and in many respects, it's not much different. Michigan relies on the Federal Information Security Management Act and guidance from the National Institute of Standards and Technology to keep state IT safe. One advantage, Lohrmann concedes, the state has over its federal counterparts: Michigan isn't graded on compliance by the Office of Management and Budget.

Data and privacy protection - there's much that government, industry and consumers alike can do to improve information security. And the Federal Trade Commission (FTC) is at the heart of education and enforcement efforts. In an exclusive interview, the FTC's Joel Winston discusses: Top privacy risks facing consumers and businesses; How the agency is battling privacy risks; The latest on Identity Theft Red Flags Rule compliance. Winston is Associate Director of the Division of Privacy and Identity Protection of the Federal Trade Commission's Bureau of Consumer Protection. That Division has responsibility over consumer privacy and data security issues, identity theft and credit reporting matters, among other things. Mr. Winston serves on the federal government's Identity Theft Task Force, which was created by President Bush in March 2006. He also is a member of the Advisory Board for the BNA Privacy & Security Law Reporter, and served on the Editorial Board and as an author for a treatise published in 2009 by the American Bar Association, "Consumer Protection Law Developments." In 2008, Mr. Winston received the Presidential Rank Award of Meritorious Executive, one of the highest honors given to members of the federal government's Senior Executive Service.

Data and privacy protection - there's much that government, industry and consumers alike can do to improve information security. And the Federal Trade Commission (FTC) is at the heart of education and enforcement efforts. In an exclusive interview, the FTC's Joel Winston discusses: Top privacy risks facing consumers and businesses; How the agency is battling privacy risks; The latest on Identity Theft Red Flags Rule compliance. Winston is Associate Director of the Division of Privacy and Identity Protection of the Federal Trade Commission's Bureau of Consumer Protection. That Division has responsibility over consumer privacy and data security issues, identity theft and credit reporting matters, among other things. Mr. Winston serves on the federal government's Identity Theft Task Force, which was created by President Bush in March 2006. He also is a member of the Advisory Board for the BNA Privacy & Security Law Reporter, and served on the Editorial Board and as an author for a treatise published in 2009 by the American Bar Association, "Consumer Protection Law Developments." In 2008, Mr. Winston received the Presidential Rank Award of Meritorious Executive, one of the highest honors given to members of the federal government's Senior Executive Service.

Tom Stanton, a fellow at the Center for the Study of American Government at Johns Hopkins University, knows cybersecurity and government, having authored last year's study, Defending Cyberspace: Protecting Individuals, Government Agencies and Private Companies Against Persistent and Evolving Threats. In an interview with Information Security Media Group's Eric Chabrow, Stanton discusses the challenges the government faces in adequately attracting and maintaining dedicated experts with the smarts as managers and practitioners to secure federal IT. To build such a workforce, he says, leadership must originate in the White House, with a respected and influential cybersecurity czar who goes beyond coordination. "The problem is that czars traditionally, at least in the Russian context, have been really bad managers," he says. "What we need in the American context is sound management of this problem." Among the ways the government can attract qualified personnel is to adopt a program used by the government during World War II that subsidized the salary of scientists who worked on the Manhattan Project that created the atomic bomb. A lawyer and a former federal government executive, Stanton serves on the board of the National Academy of Public Administration and chaired its standing panel on executive organization and management. He co-edited Making Government Manageable: Executive Organization and Management in the 21st Century (Johns Hopkins University Press, 2004).

Tom Stanton, a fellow at the Center for the Study of American Government at Johns Hopkins University, knows cybersecurity and government, having authored last year's study, Defending Cyberspace: Protecting Individuals, Government Agencies and Private Companies Against Persistent and Evolving Threats. In an interview with Information Security Media Group's Eric Chabrow, Stanton discusses the challenges the government faces in adequately attracting and maintaining dedicated experts with the smarts as managers and practitioners to secure federal IT. To build such a workforce, he says, leadership must originate in the White House, with a respected and influential cybersecurity czar who goes beyond coordination. "The problem is that czars traditionally, at least in the Russian context, have been really bad managers," he says. "What we need in the American context is sound management of this problem." Among the ways the government can attract qualified personnel is to adopt a program used by the government during World War II that subsidized the salary of scientists who worked on the Manhattan Project that created the atomic bomb. A lawyer and a former federal government executive, Stanton serves on the board of the National Academy of Public Administration and chaired its standing panel on executive organization and management. He co-edited Making Government Manageable: Executive Organization and Management in the 21st Century (Johns Hopkins University Press, 2004).

Eugene Spafford, one of the nation's top information security experts who heads Purdue University's Center for Education and Research in Information Assurance and Security, likes the fact that cybersecurity is getting the attention he feels it long deserved from the White House and Congress. Still Spaf - as he's affectionately known - expresses concern that President Obama isn't going far enough to elevate cybersecurity as a national priority, in part, because the White House cybersecurity advisor is not seen having the clout to create policy. And, he wonders if the president and Congress have the political wherewithal to invest enough money to truly secure federal IT. In an interview with the Information Security Media Group's Eric Chabrow, Spafford explains that: A high-ranking cybersecurity czar is needed to be a peer of cabinet secretaries and major agency heads to influence them to help advance federal IT security policy; Proposals to require the certification of information security professionals is problematic because of a dearth of cybersecurity practitioners and trainers; and Legislation to grant the president authority to shutter the Internet in a national emergency is ill-advised, because the circumstances for such a situation could be ambiguous.

Eugene Spafford, one of the nation's top information security experts who heads Purdue University's Center for Education and Research in Information Assurance and Security, likes the fact that cybersecurity is getting the attention he feels it long deserved from the White House and Congress. Still Spaf - as he's affectionately known - expresses concern that President Obama isn't going far enough to elevate cybersecurity as a national priority, in part, because the White House cybersecurity advisor is not seen having the clout to create policy. And, he wonders if the president and Congress have the political wherewithal to invest enough money to truly secure federal IT. In an interview with the Information Security Media Group's Eric Chabrow, Spafford explains that: A high-ranking cybersecurity czar is needed to be a peer of cabinet secretaries and major agency heads to influence them to help advance federal IT security policy; Proposals to require the certification of information security professionals is problematic because of a dearth of cybersecurity practitioners and trainers; and Legislation to grant the president authority to shutter the Internet in a national emergency is ill-advised, because the circumstances for such a situation could be ambiguous.

The law rarely keeps pace with advancements in information technology, and the 35-year-old federal Privacy Act has failed to provide the proper framework needed to protect the privacy of citizens. Dan Chenok chaired the federal Information Security and Privacy Advisory Board that issued a report entitled Toward a 21st Century Framework for Federal Government Privacy Policy that calls for the creation of a federal chief privacy officer as well as chief privacy officers in major federal agencies and a federal Chief Privacy Officers' Council. The panel also recommended steps Congress and the Obama administration should take to change federal laws and regulations to allow the government to more efficiently use specific technologies, such as cookies, while maintaining citizens' privacy. Chenok, the one-time highest ranking non-political IT official in the Office of Management and Budget and now a senior vice president at IT services provider Pragmatics, spoke with Information Security Media Group's Eric Chabrow and explains how changing the way privacy is governed will enhance protection for American citizens.