via Information Week Government
New cybersecurity legislation before Congress calls for each federal agency to appoint a dedicated chief information security officer (CISO) to ensure the federal government is complying with cybersecurity regulations.
The “Cybersecurity and Internet Freedom Act of 2011” — introduced a week ago by Sens. Joe Lieberman, ID-Conn., Susan Collins, R-Me., and Tom Carper, D-Del. — spells out the role of CISOs within federal agencies and outlines how federal agencies should better manage security both inside organizations and across the federal government.
According to the bill, CISOs will, like CIOs, be given the authority and a budget to perform their duties, the foremost of which will be to ensure compliance with the security measures they set up within each agency. They also will designate a series of security controls that can be “continuously monitored” to ensure an agency is complying with its own regulations.