Information Security Coordination


Matt DeZee from AMS (and a former state CIO) is talking about the desirability of the creation of a center for coordinating information security information among the states.  Apparently there is a plan to do this.  The theory, of course, is that we all see the same kind of attacks and could help each other by cooperating.  He tells the story of getting a report from his CISO that his state was getting scanned and then showing up the next day at a NASCIO event and finding that 4 other CIOs he talked to had had the same scan the day before.  One could argue that there's nothing special about the states and that we should just throw in with other private and public entities. Nancy Wong from the Commerce's Critical Infrastructure Assurance Office says, however, that its common for different industry sectors set up independent efforts and then create bi-lateral agreements to share information so that each office can respond to the unique nature of the sector.