Agencies tie IT security to budgets

With a little prodding from the Office of Management and Budget, agency IT managers are tying system security to their enterprise infrastructures through the budget process. Some said today that securing their infrastructures ranks just as high as e-government for fiscal 2003.“Cybersecurity is a cross-cutting issue,” Energy Department CIO Karen Evans said at an Armed Forces Communications and Electronics Association breakfast in Rockville, Md. “Our intent is to have a uniform cybersecurity program throughout the department and incorporate it in all business lines.”Evans discussed her spending priorities for next year on a panel with Office of Personnel Management CIO Janet Barnes, Veterans Affairs deputy CIO Ed Meagher and Commerce CIO Tom Pyke.Evans said Energy will meet with OMB next week to discuss how its enterprise architecture has been updated to improve security. The department will work on six projects that relate to security next year, including developing a risk management approach, training 6,000 employees on new policies, and certifying and accrediting unclassified systems.Pyke said Commerce has a new IT security policy and plans to expand its intrusion detection system at the host level.Barnes said OPM “updated our IT security plan and rewrote it in plain language so the program offices can understand it more easily.” In the next week, she said, OPM will certify its mainframe and client-server platforms to comply with that policy.