Albuquerque, New Mexico (PressExposure) March 21, 2011 -- Over the recent years, Internet threats have increased in frequency, scope and sophistication. The threats pose risk to information security and may compromise national security. The threats have forced governments worldwide to review their information infrastructure. Effective coordination and proactive action is required to combat the threats emanating from the Internet.
Recently, a bill was introduced in the U.S Senate seeking creation of a National office for Cyberspace. The bill titled "Executive Cyberspace Coordination Act of 2011" is sponsored by Republican James Langevin and co-sponsored by Republicans Robert Andrews, Roscoe Bartlett, Norman Dicks, Ruppersberger and Loretta Sanchez. The bill emphasizes on information security controls and the establishment of a National Office for Cyberspace in the executive office of the President. The major aims of the Office would be to coordinate issues related with cyberspace and to achieve robust information infrastructure for the federal government. The Office would be headed by a Director and may include cyber security experts and consultants.
James Langevin was also one of the co-chairs of a CSIS Commission report titled "A Human Capital Crisis in Cybersecurity-Technical Proficiency" which referred to the shortage of cyber security experts with adequate skill sets. U.S requires more number of professionals qualified in computer science degree, masters of security science [http://www.eccuni.us/Academics/MasterofSecurityScience.aspx], penetration testing, system administration, computer forensics, incident management, network administration and other security certifications.
The bill provides for the formation of a Federal Cybersecurity Practice Board (FCPB) in the Office for Cyberspace, which would include representatives from civilian agencies, the defense department, the management and budget office, law enforcement agencies, the Chief technology office and other departments as deemed appropriate by the director. The board will be assigned the task of developing and regular updating of information security policies and procedures. The FCPB has to establish minimum security controls to safeguard government networked computers from known attacks, and safeguard individual agencies from information security risks. The board would establish 'measures of effectiveness' to evaluate the effectiveness of the minimum security controls.
The FCPB would be responsible for developing policies and procedures for use of products and services in information infrastructure. The board would be assigned the task of developing remedies to mitigate deficiencies in the information infrastructure. The board may also coordinate with industry and international community to improve information security. The FCPB would also encourage individual agencies to accept accountability for securing information infrastructure. Cyber security awareness is crucial to reduce security breaches. E-learning and online degree programs may be used to create cyber security awareness among employees.
The National Office for Cyberspace may also recommend to the President to provide monetary incentives and impose penalties on agencies for ensuring security of the information infrastructure. The agencies would have to assign responsibilities, ensure implementation of security policies, test information security controls, report incidents and coordinate with other government agencies.
Vibrant threats in the IT environment makes it crucial for IT professionals to update their technical skills and know-how by attending seminars, webinars and undertaking online university degree courses. Agencies may also organize regular training programs for IT professionals to improve their skills and secure information systems.