Came across this in a FederalComputerWeek article yesterday. Martha Johnson, who was chief of staff for GSA from 1996 to 2001 and is the current nominee for the top position, had this to say when asked if GSA offers agencies enough solutions to secure their information systems:

“[Under my leadership], GSA would actively continue to work with the various security and incident management forums where security solutions and policies are developed. GSA would promote the increased use of managed security services available through GSA’s offerings that help ensure that agencies are better prepared to deal with cyber threats and vulnerabilities.” (emphasis added)

It is good to see the incoming head of GSA consider managed security services an effective way to improve agency security. As Gregory Wilshusen, director of GAO’s Information Security Issues, said last month in the GAO’s Information Security report, “Six years after FISMA was enacted, we continue to report that poor information security is a widespread problem with potentially devastating consequences.”

Managed security services are a great way for agencies to improve their security posture and do it quickly. All the factors that have made managed security services fit so well in the private sector – fast deployment of key controls, 24×7 coverage, better security at lower costs, etc. – also translate to federal agencies.

This entry was posted on Tuesday, June 16th, 2009 at 4:07 pm and is filed under General.