CIO Council panel details functions

The CIO Council’s new Information Security and Identity Management Committee will be the official forum for agencies’ data and network protection efforts, according to the committee’s recently published charter.

The committee will concentrate on implementation of the Comprehensive National Cybersecurity Initiative by creating and recommending strategies for agencies to improve cybersecurity through secure computing platforms and networks.

According to the charter, the committee expects to identify and recommend enhancements to existing policies, processes and strategies. Its efforts will include improving:

• Logical access as specified in Homeland Security Presidential Directive 12 and integrating it with physical access and public-key infrastructure applications.

• Multifactor authentication.

• Device authentication and quarantine.

• The sharing of credentials and certificates among agencies.

The committee published its charter Dec. 19 under the signatures of its co-chairmen — Robert Carey, the Navy Department’s chief information officer, and Vance Hitch, the Justice Department’s CIO. Karen Evans, administrator for e-government and information technology at the Office of Management and Budget, also signed the document.

Carey and Hitch said the committee will promote the development of standard performance measures for information security and provide an environment in which agencies can share experiences and innovative approaches.