The FISMA Focus IPD

From: NextGov

Absent congressional action on cybersecurity, President Obama should strongly consider issuing an executive order to help secure American computer networks from attack, a chief architect of the White House’s cybersecurity proposals told National Journal.

Former White House cybersecurity chief Howard Schmidt, who served in both the Obama and George W. Bush administrations, said on Thursday that an executive order could help update government network security as well as encourage businesses to secure their own systems.

“If there are things this Congress isn’t prepared to do, the president has a few options that he can move on,” he told National Journal in a phone interview.

From: Governing.com

Until cybersecurity standards are in place, security professionals worry that terrorists could shut down large swaths of the U.S. economy with the click of a mouse.

BY: Steve Towns

Dan Lohrmann has been in the information security business for the bulk of the past decade, and he’s scratching his head over the continued inability of Congress to enact nationwide cybersecurity protections.

“Honestly, it’s disconcerting that the bad guys are ahead of the good guys,” says Lohrmann, who became one of the nation’s first state chief information security officers in 2002, when he was tapped for that job in Michigan. “It seems like the bad guys are more organized and united in their goal, which is to take advantage of our lack of unity and coordination.”

From:  European Network Information Security Agency

New Permanent Stakeholders’ Group (PSG) of top IT-security advisors appointed.

A new composition of 30 top IT-security experts have started their term of office as members of ENISA’s Permanent Stakeholders’ Group (PSG). The PSG will give top IT security advice to the EU’s ‘cyber security’ Agency ENISA, the European Network and Information Security Agency. The PSG is a group of leading IT-security experts that gives advice to the Agency’s Executive Director in, for example, drawing up a proposal for the Agency’s annual Work Programme.

From: Bloomberg

By Chris Strohm

President Barack Obama might create a broad new program to protect vital government and privatecomputer networks from cyber attacks, according to a draft document being circulated in his administration.

The government would continuously collect and disseminate information about cybersecurity threats in a new approach to combating attacks, according to the document. The administration is weighing taking action instead of waiting for Congress to pass cybersecurity legislation.

The draft represents “early” discussions about how to update a 2003 presidential directive for protecting the most critical U.S. assets and “is not close to being done,” White House spokeswoman Caitlin Hayden said in an e-mailed statement yesterday.

Editor’s Note: A request for public comment by the Centers for Medicare and Medicaid Services (CMS) on an Information Collection Request is attached here. 

Under the Paperwork Reduction Act, CMS is not permitted to collect the requested information from the public including industry, non-profits, and state and local governments, without approval of the White House Office of Management and Budget’s Office of Information and Regulatory Affairs (OIRA).  The attached Federal Register notice provides all interested persons with 60 days to comment on CMS’ burden estimates and the necessity and utility of the proposed information collection.

CMS describes the information collection as follows: