Someone claiming to be the president of the ISSA (no signature) rites:
>I agree with this concern. The National Research Council issued a
>report on sensitive but unclassified computing in the US entitled
>"Computers at Risk." In that report they suggested that an
>independent organization be formed, the Information Security
^^^^^^^^^^^
>Foundation.
> We are about a talking non-government organization
>under the direction and review of industry and the information
>security profession {of course with an interface to government).
>It is hoped that this organization would be given the authority to
>reduce export restrictions.
Note that expertise in the subject does not seem to be a requirement
(sorry but I have seen too many of these "executive-level" committees
formed that spend years trying to figure out an agenda. Have walked
out of meetings that I could see headed that way.
Also really needs to be *International* organization & do not see how
"authority to reduce export restrictions" plays - that is pure *politics*.
IFIP might make a good parent but the real question is funding. SAE
is funded by members and was created by engineers. Those funded by
government grants tend to be politically correct.
>IMPORTANT POINT: The ISF (now IISF) would
>not be part of ISSA. It is bigger than ISSA or any organization.
>The IISF needs to not only provide certification (firewalls,
>systems, people, etc.) and testing but standards development and
>research.
Agree with this but is sounding more like a political plum by the moment &
can see there are plenty of chiefs ready to run it.
Warmly,
Padgett
ps not down on the concept, just want to be sure of the agenda. Have seen
too many such "councils" in the past where the appointees were those
who looked good on TV.
|
|
