Board raising voice on security, privacy

In preparation for the change in administrations next year, the Computer

Systems Security and Privacy Advisory Board plans to release a report in

September on how the government can reorganize itself to tackle information

security and privacy issues.

The CSSPAB serves as an independent advisory group to the Commerce secretary,

the National Institute of Standards and Technology, the National Security

Agency and Congress.

The organization has usually stayed in the background since its creation

by the Computer Security Act of 1987, but new CSSPAB chairman Franklin Reeder

is pushing the board to become an active player in the information security

and privacy policy arena.

"I want to get an output other than amiable conversations and pleasant experiences,"

he said at the board's quarterly meeting Thursday.

The first such output will be "substantive advice on how government structures

itself" to manage governmentwide security and privacy issues, Reeder said.

The organization wants to take advantage of the window of opportunity between

the November elections and the change in administration, he added.

Part of the board's advice will be:

* Looking at how the CIO Council can serve as a central point of authority

and accountability for the governmentwide efforts.

* Developing a common vocabulary of problems and solutions.

* Looking at how to get Congress to better handle information security and

privacy issues.

* Examining how to identify resources currently available and develop new

ones.