CIO Council to deal with Web 2.0 security

The federal Chief Information Officers Council will create a security committee to devise strategies to provide information assurance in a Web 2.0 environment, Dave Wennergren, deputy CIO at the Defense Department and the council's vice chairman, said today. Wennergren expects to have the new committee operational in just a few weeks, he said at a briefing to the Commission on Cyber Security for the 44th Presidency, a public/private advisory group, at the Center for Strategic and International Studies. Wennergren said his goals for the council this year were to address Web 2.0 and the next-generation workforce, adding that security is another step and builds on the work the council did in advancing the Trusted Internet Connection initiative to reduce the number of agencies' external connections. “The mass collaboration of Web 2.0 and the power of social networking can radically change the face of government and improve the effectiveness of delivering services to citizens,” he said, adding, “The beauty of Web 2.0 is that boundaries get broken down.” Wennergren said he sought the commission’s assistance to push agencies toward “forward-leaning strategies” for security because the nature of work is changing. Agencies are grappling with the challenge of sharing more data at the same time they must strengthen information security safeguards, he said. Protecting information and networks in a sharing environment and on social networks will require different solutions than current data assurance efforts, Wennergren also said. “The underlying issue is that you’ve got to be able to do trusted computing from anywhere, even non-trusted computers and don’t leave a path behind of your transactions. But we’re still spending time and attention on how we’re building security in big systems,” Wennergren said, adding, “We’re not addressing the more sophisticated problems with collaboration.” The next-generation federal workforce will be smaller, so its members will assume leadership position at a younger age, he said. Agencies must be able to attract and retain what he called the "Millennial,"  or "Net  Generation" with the tools to create and to share information securely, he said.