09/24/2007 - The National Science and Technology Council has released the Federal Plan for Cyber Security and Information Assurance Research and Development. The plan provides “baseline information and a technical framework for coordinated multiagency R&D in cyber security and information assurance.” It covers vulnerabilities, threats, and risk, and provides technical perspectives on subjects ranging from authentication and access control to wireless to software testing and assessment tools. An appendix provides roles and responsibilities of the members of the working group that created the report.@ The Report is at SM Online.
09/24/2007 - Not long after a data breach involving the Department of Veterans Affairs, David M. Walker, Comptroller General of the United States and head of the Government Accountability Office, gave testimony to a House committee on steps that can be taken to reduce the likelihood of personal data being stolen. The first is to conduct a privacy-impact assessment before deploying new systems; Walker noted that agencies do not always do this. He also recommended limiting the collection of personal information, and limiting the time that such information is retained. @ Privacy: Preventing and Responding to Improper Disclosures of Personal Information is available at SM Online.