Give Me Your Free-Form Comments
Posted August 20th, 2008 by rybolovAny comment or graffiti you want to put up in the comments, go ahead. Only stipulation is that it’s profanity-free (ack, this coming from me?) and relevant to security in the Federal Government.
Why do this? Well, to give a voice to those who don’t say anything about what’s going on. We need to hear more from the “silent infosec majority” who just do their jobs every day.
Similar Posts:
Posted in Odds-n-Sods, Rants | 5 Comments »
Tags: government • infosec • security
August 20th, 2008 at 5:17 pm
NIST is handling SCAP requirements, especially vendor certification and listing on the NIST website, like the flip flopping equivalent of John Kerry
August 20th, 2008 at 6:09 pm
The new 800-37 leaves some to be desired. There is some clarification to the outsourced/SOA systems. But not enough for me.
I don’t know how some people are going to handle this Authorization process over the C&A. Imagine having to establish requirements and test to them. What a novel idea!
FDCC needs work too, I hope Amrit plans to come to the SCAP conference and then we can gang up on the developers.
August 20th, 2008 at 6:23 pm
Computer systems don’t do well in a GP Medium, CSSAMO over DSCIM, Secret Clearance certs are gawdawful long to fill out, permissions need to be handled better on networked systems (Good god, give me permission to install a printer or point to the right shared folder!). This blog is painful to read, as it seems so few knowledgable people work in my section of the country, and I’m not sure my highers would listen anyway. The sebaceous Pac Northwest.
August 22nd, 2008 at 11:41 am
Considering the secondary effects of the new 800-37/
1. Are ISC2 CAPs to become SAPPs?!
2. When do NIACAP and DIACAP die?
3. How will this affect the CAP and CISSP-ISSEP certifications?
4. Who do we call when an ISSO gets a bee in their bonnet to use national security guidance for their conference room scheduling system?
5. Is the DoD happy about going from DITSCAP to DIACAP to the C&A Transformation Initiative’s end product?
September 9th, 2008 at 12:01 am
OMB powerplay draft memo refuses to accept that some agencies don’t benefit from all powerful CIOs. Memo to CIOs: Show actual value and someone might let you play in real work without you having to beg Karen Evans to legislate you into power.