March President and CEO of SecureInfo Testifies Before Congress

Testimony to House Subcommittee on Government Management, Organization, and Procurement also Addressed FISMA Strengths and Weaknesses
Washington, DC, March 25, 2010 – SecureInfo® Corporation, a market-proven provider of cyber security and information assurance solutions, today announced that Christopher Fountain, President and CEO of the company, testified on March 24, 2010 before the House Subcommittee on Government Management, Organization, and Procurement regarding "Federal Information Security: Current Challenges and Future Policy Considerations." His testimony also highlighted strengths and weaknesses of FISMA as enacted in 2002.

The central themes of Mr. Fountain’s testimony focused on keeping core tenants of FISMA related to standards and guidelines intact and improving the effectiveness of FISMA by increasing enforcement and oversight mechanisms. His testimony supported legislation under development by the subcommittee calling for a new office and senior official to oversee government compliance to provisions stipulated by current and future laws.

"It is important that the standards and guidelines developed and maintained by NIST in support of FISMA remain an integral part of any future legislation. NIST has done an outstanding job of evolving standards and guidance as technology and threats have changed. While FISMA in its current form is sound, some improvements are warranted. Today, FISMA lacks a strong enforcement and oversight mechanism with centralized authority and a statutory basis for ensuring compliance," said Mr. Fountain. "The national office under consideration by this subcommittee is a reasoned and needed evolution of a law whose enactment rationale is more important today than ever."

Fountain added, "Such an office should be housed within the Department of Homeland Security as securing cyberspace is requisite to securing the homeland. Furthermore, the Office of Cybersecurity and Communications within DHS addresses mission areas that are highly complementary to the missions and objectives of any potential future office charged with overseeing compliance with laws, standards and guidelines designed to protect government information assets."

Mr. Fountain’s testimony also addressed future improvements to FISMA reporting. He emphasized that while the documentation related to information security program elements is important and central to effective information technology governance, the implementation of techniques and metrics designed to more effectively assess the information security posture of an agency is in order.
For a full transcript of Mr. Fountain’s testimony to the subcommittee please visit: http://www.secureinfo.com/news/press-releases/2010/Fountain_Testimony_03-24-10.pdf

About SecureInfo
SecureInfo Corporation is a market-proven provider of Information Assurance (IA) solutions, enabling Federal organizations to understand, document and mitigate information security risk; assure information systems are secure; reduce security costs and achieve and demonstrate compliance with NIST, DIACAP, Intelligence Community and FISMA requirements. Since the company’s inception, SecureInfo has specialized in delivering unmatched customer service, deep domain expertise and proven IA solutions. Named as the "US Air Force Information Assurance Organization of the Year," among many other awards and recognitions, SecureInfo has a reputation for quality, commitment and results. Customers include U.S. Air Force, U.S. Army, the Department of Homeland Security, among many others. Further information can be found at www.secureinfo.com.