Executive Director’s Message
by Paul Kurtz, CSIA Executive Director
The end of the year is a time when we review the goals we set in January, analyzing both accomplishments and shortcomings, and then refocusing our goals and planning a new strategy to move forward in the year ahead.
This week, CSIA reviewed Congress’ and the Administration’s 2005 information security actions by releasing our National Agenda for Government Action on Information Security in 2006. One year ago, CSIA urged the Administration and Congress to help ensure execution on the President’s National Strategy to Secure Cyberspace by acting on twelve critical recommendations to protect the nation against cyber threats. CSIA’s National Agenda reports on the state of information security a year later and outlines the government’s limited progress in securing our digital infrastructure. We also released a new Digital Confidence Index that reflects the public’s concern with the security of our nation’s critical infrastructure.
Although CSIA cites limited progress made in 2005, an interesting transformation occurred that is a step forward for information security. This year, we witnessed a transformation in the way Congress, CEOs, and the media view information security. The privacy, reliability and integrity of information systems are moving from a technical issue handled by CIOs and trade press to the front page, warranting the attention of global business and government leaders. But this transformation, which began in 2004 as companies grappled with Sarbanes-Oxley and accelerated this year with massive data breaches involving sensitive personal information of over 50 million people, is by no means complete.
The purpose of our National Agenda is to assess our progress in protecting the integrity of our information infrastructure so that we can determine future steps. CSIA’s members are committed to working with the Administration and Congress to improve the state of information security in 2006 and beyond. We look forward to assessing progress in the future.
Ultimately, CSIA’s report echoes this sentiment by recapping the small victories and minimal progress — viewing a long road ahead. To move ahead in 2006, CSIA has offered guidance to Congress and the Administration by outlining thirteen specific actions for the coming year to improve the state of our information security. Several of these actions are attainable in the short term, while others require long-term planning, execution, and, above all, leadership.
The purpose of our National Agenda is to assess our progress in protecting the integrity of our information infrastructure so that we can determine future steps. CSIA’s members are committed to working with the Administration and Congress to improve the state of information security in 2006 and beyond. We look forward to assessing progress in the future. The December issue of CSIA’s newsletter features our National Agenda and details on the Digital Confidence Index, as we focus on our end-of-year assessment. We also highlight one of our newest members, Application Security, Inc.
CSIA wishes our readers a happy and safe holiday. See you again in January.