Buzz of the Week: Security does matter

Security is always a complex issue — a never-ending, constantly evolving assignment.

An agency can do everything right, yet the bad guys, whoever they are, will somehow find a way to wreak havoc.

Security is also challenging because, frankly, most people don’t make it a priority until it’s too late — for example, when a laptop PC containing the personal information on millions of people is stolen.

Until that happens, people think of security as something that makes it more difficult to get their job done.

And so we got an adrenalin rush last week when we heard that a laptop was stolen from the Veterans Affairs Department — again. At first, it seemed like a replay of events at VA that nearly two years ago generated countless hearings and reports. However, this latest incident turned out to be a good-news story about how security does matter.

The story line is about an agency that learned its lesson.

This time, the stolen laptop had been fully encrypted, making it essentially unusable by any nefarious people. Encryption might have made that employee’s job slightly more difficult, but it enabled VA to avoid a potential disaster. VA’s experience should be a lesson to other agencies.

By coincidence — a nice coincidence — the VA security story appears in this week’s issue focusing on collaboration.

Security concerns are among the big hurdles that agencies face in their efforts to collaborate.

Many Web 2.0 tools cause security concerns that some agencies have dealt with by blocking their use. But Dave Wennergren, the Defense Department’s deputy chief information officer, has said agencies must resolve those concerns, and simply halting innovative initiatives is not a solution.

Life would be easier if the world were black and white.

Making decisions would be easier. Instead, we try to interpret shades of gray — and that’s never easy.

The Buzz Contenders

# 2 USDA exodus
Everything’s fine at the Agriculture Department. You can say that till the cows come home, but no one would believe it. We learned last week of two more departures from USDA, on top of the six we’ve already accounted for in previous articles in FCW.

Cheryl McQueary, USDA’s assistant chief information officer for transformation programs, is leaving and going to the Transportation Department.

And Lynn Allen, USDA’s associate CIO for cybersecurity, has given notice.

# 3 CIOs take a back seat
That seat at the table that chief information officers always seem to want — they’re not getting to sit there. A new survey of 46 agency senior technology managers found a sharp increase in those who said they report to the chief financial officer instead of the heads of their agencies. “I’m not sure if we know the reason,” said Paul Wohlleben, a partner at Grant Thornton who led the committee that did the survey for the Information Technology Association of America. The trend is disappointing to us who know what the best CIOs can bring to the table.

# 4 Missing CRS reports
Sen. Joseph Lieberman (I-Conn.) added his voice last week to a transparency movement in Congress that appears to be gaining momentum.

Lieberman asked Sen. Dianne Feinstein (D-Calif.), who leads the Rules and Administration Committee, to direct the Congressional Research Service to get busy: Create a publicly accessible system that automatically posts and updates unclassified CRS reports as they are published. CRS has a library of more than 2,000 reports on issues of critical importance to lawmakers and their staff members. But public access to those unclassified reports is hit-or-miss.

That shouldn’t be, Lieberman said, and we agree.

# 5 Poor SBInet
Software integration problems are once again the culprit in a major technology program. This time it’s the Homeland Security Department’s SBInet, or virtual fence, along the Arizona border with Mexico. DHS accepted Boeing’s prototype version of a virtual fence last week. However, department officials said the company’s system of cameras, sensors, towers and software to prevent illegal immigration is simply not what they wanted. They wanted something that worked.