On Tue, 7 Oct 2008 14:07:04 -0400 (EDT) Sean Donelan <sean@donelan.com> wrote:
On Tue, 7 Oct 2008, Valdis.Kletnieks@vt.edu wrote:
On Tue, 07 Oct 2008 11:30:11 CDT, "J. Oquendo" said:
What about exceeding the minimum requirements for a change. (I think you'll find that if somebody is actually willing to *pay* for more security, there's plenty of outfits who are more than happy to make it happen)
What should the US Government buy for more security? And how can the US Government make sure they actually get what they are paying?
Right. The US government is a *huge* operation. Suppose you were the CIO or the CSO for the US government (excluding the classified stuff) -- what is the proper cybersecurity strategy? --Steve Bellovin, http://www.cs.columbia.edu/~smb