Department of Homeland Security structure and standards will apply to government and private sector entities.
Top 10 Open Government Websites
(click image for larger view and for slideshow)
The Department of Homeland Security Friday put in place new a governance structure and standards for classified information sharing that the agency says will improve government-wide information sharing.
President Obama ordered DHS in a 2010 executive order to create information sharing standards. DHS developed the new policies, which were issued via an 88-page directive, in consultation with the intelligence community, the military, and other federal agencies; state, local, and tribal governments; and private sector organizations. The standards come more than a year after the February 2011 deadline set by the 2010 executive order.
"The need to securely share actionable, timely, and relevant classified information among partners in support of homeland security is critical as we work together to address evolving threats," DHS secretary Janet Napolitano said in a statement. "This directive strengthens this effort by instilling uniformity and consistency in the application of security standards when classified information is shared."
The directive names officials who will be responsible for the oversight of classified information sharing, and sets standards for security clearance, physical security, data security, classification management, security training, and contracting. These standards will apply both in government and in the private sector.
DHS will become a central point of authority for oversight and program management of classified information sharing efforts, including qualified accreditation, monitoring, and inspection of facilities that have access to classified information, processing, and documenting security clearances, and developing a training program for safeguarding classified information.
The directive's requirements also include some discussion of IT. For example, it raises the profile of a classified DHS network, the Homeland Secure Data Network, which the directive makes the "primary non-defense, Secret-level classified network" in government.
Some of the requirements may entail additional technology investment by DHS and other agencies. For example, DHS must develop a way to document and track security clearance data. While the directive instructs DHS to "leverage existing security clearance database system[s]" like the Office of Personnel Management's Central Verification System, it notes that system or software modification might be required to meet the directive's standards.
As federal agencies embrace devices and apps to meet employee demand, the White House seeks one comprehensive mobile strategy. Also in the new Going Mobile issue of InformationWeek Government: Find out how the National Security Agency is developing technologies to make commercial devices suitable for intelligence work. (Free registration required.)
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.