Quick Study

By Brian Robinson

Blog archive

NIST guidelines: Broccoli and cheese

For government agencies, complying with new security guidelines from the National Institute of Science and Technology can be the equivalent of eating broccoli: It’s good for you, but that doesn’t mean you enjoy it. With recent announcements, however, there’s a heaping of tasty melted cheese included in the form of potentially saving big bucks.

In a GovInfoSecurity.com interview, NIST’s Federal Information Security Management Act project leader, Ron Ross, shows how agencies can team with other agencies -- or candidly piggyback on their work -- to hack away at the time and effort needed to qualify IT products and services for purchase.

That’s a part of NIST Special Publication 800-37, a guide for agencies to apply risk management techniques to harmonizing IT certification and accreditation across the government. That was just one of a number of announcements NIST made about security issues in late February.

Ross said there are now three distinct types of IT authorizing approaches agencies can use, starting with the traditional single authorization where an agency official does all the work to authorize each system. Now there is also a joint authorization, where multiple authorizing officials can work together to authorize something like a service that many agencies will be using.

And then there is something called a leveraged authorization, where agencies can use the documentation and evidence that other agencies have created as the basis for their own risk decision.

Ross said there has been a change in the culture over the past few years that has required these kinds of changes, together with technological innovations such as cloud computing, that require a more collaborative environment. Civilian, military and intelligence agencies are much more inclined to cooperate and share on these kinds of things.

That all makes sense, but I guess we’ll have to see how this rolls out in practice. Kumbaya has not proven to be a very practical philosophy in the past.

And, by the way, in case people feel like complaining, the lead was inspired by George H.W. Bush. I. actually. like broccoli.

Posted by Brian Robinson on Mar 15, 2010 at 7:27 PM


Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.