Security Committee Initiatives and Accomplishments

2006-2007

Note Related to Projected 2006-2007 Initaitives:

Italics indicates initiatives added at the July 14, 2006 Forum Planning Session
Numbers in parenthesis indicate votes cast for the initiative at the July 14, 2006 Forum Planning Session.

2005-2006 Accomplishments

  • The strong alliance with CSCIC continues, providing four relevant webcasts on security-related issues. The audience has expanded to international participants!! There were over 1,400 simultaneous viewers of the last webcast. Webcasts this year have included "Wireless Security", "Don't Let the Cyber Space Grinch Steal Your Holiday", "Voice - Over IP", and "Remote Access".
  • Provided Executive Committee speakers on Identity Access Management (IAM). Key speakers were provided by Unisys and RSA Security for the February meeting.
  • Continued to offer support to the CIO committees on security and identity access management.

Projected 2006-2007 Initiatives

  • Continue to support the international webcasts on security.
  • Increase support to the CIO committee members addressing IAM. Provide additional resources to the CIO committee for educational presentations on Identity and Access Management
  • Resource directory of Security information, solutions, relevant links and companies. Development of this repository would include expansion to support other committees. (2)
  • IAM health check audit/assessment corresponding to the guidelines provided by the CIO committee. (2)
  • IAM information repository: vendor solutions, white papers (Repository)
  • Work with groupings of small agencies to identify security needs
  • Outline new Security Breach Disclosure law (10)
  • Conduct an educational session on mobile device security (8)
  • Conduct an awareness session on applying appropriate security measures to applications used by the public. (2)
  • Conduct "Birds of a Feather" sessions

Efforts initiated but not yet underway - Seeking volunteer participants

  • Collect relevant items for security and IAM repositories.
  • Develop a draft of the IAM Health Check.
  • Review information provided by the Center for Technology in Government and other sources to assist ISOs with providing a business case for acquiring security before a breech occurs.