CIOs Call For Secret Clearance : LUSENET : TimeBomb 2000 (Y2000) : One Thread

CIOs Call For Secret Clearance

Kevin, youll love this one! -- Diane

JANUARY 11, 1999

CIOs call for secret clearance


The security committee of the CIO Council last month urged all agency chief information officers and deputy CIOs to obtain a top-level security clearance usually reserved for those working on sensitive military or intelligence programs.

The committee believes CIOs and deputy CIOs need these security clearances so that they will be able to access national security information as part of the ongoing critical infrastructure protection effort, according to a Dec. 30 memo to CIOs from Mark Boster, chairman of the security committee and deputy assistant attorney general for information resources management at the Justice Department.

The security clearance is part of the Clinton administration's national effort to protect computer systems that support critical infrastructures, such as banking, telecommunications, transportation and utilities. The federal government itself has been classified as a critical infrastructure, and many agencies are working closely with the private-sector owners and operators of banks, utilities and other infrastructures to secure their computer systems.

"It is becoming increasingly evident that CIOs and deputy CIOs will have a need to handle classified information in their normal course of doing business," according to the memo, which was obtained by FCW. "This seems especially apparent in the development and implementation of highly sensitive critical infrastructure protection plans and related vulnerability assessments."

Neither Boster nor James Flyzik, CIO at the Treasury Department and vice chairman of the CIO Council, could be reached for comment.

Obtaining a secret security clearance is based on a National Agency Check of government records about a person and is relatively inexpensive and quick compared with the process for obtaining top-secret clearance.

All military officers must be capable of attaining a secret clearance to be in command of just about any type of unit because they must be able to read operational orders and other crucial documents.

Top-secret clearance is based on a Special Security Background Investigation. That process can take six months to a year, and investigators can delve back 15 years into an individual's personal background. The top-secret clearance process is expensive, sometimes costing as much as $100,000 for one investigation. People holding this clearance may be required to undergo periodic polygraph examinations.

Ed Giorgio, a principal at Booz-Allen & Hamilton Inc. and former chief of cryptoanalysis and cryptography at the National Security Agency, said the council most likely is trying to obtain for agency CIOs better access to government vulnerability databases. Such databases accurately portray the critical infrastructure threat but usually are classified.

CIOs and private-sector officials probably will be more willing to cooperate with government critical infrastructure efforts if they are aware of the threats to their systems, he said.

"You're probably seeing people make an honest effort to share this information more broadly," Giorgio said. "If you bring them into your cone of information about what the threat makes them more likely to cooperate with your objectives."

However, he noted that some CIOs could be opposed to security clearances because they are afraid that holding such a clearance could affect their ability to speak freely on issues.

Kevin Roth, vice president of system integration at the Information Technology Association of America, said giving CIOs and deputy CIOs security clearance would increase the awareness of the importance of critical infrastructure protection to CIOs.

Roth said, however, that it might impede the information-sharing relationship between the government and the private sector, which has been emphasized by supporters of the protection effort as being key to its success.

"If they're requiring security clearances for individuals within the government, are they planning to require security clearances for those in the private sector?" Roth asked. "If so, that might create some problems for getting those security clearances for everyone in the private sector who needs them."

The fact that CIOs do not already have the clearance needed to receive national security information is surprising, said Mark Gembicki, president of WarRoom Research, Annapolis, Md. However,he noted that clearing these officials would not help the security effort at agencies unless emergency response employees also were cleared so that they could be told about threats and work to secure systems from these dangers.

"Having a need to know about the threats and vulnerabilities...doesn't mean anything unless you have a response team that can address those risks," Gembicki said.

-- Diane J. Squire (, January 11, 1999


all I can say is, this is a very disturbing development.

-- a (a@a.a), January 11, 1999.

I'm with a -

This has been such a disturbing news day. Here we are not even to mid January and the news is has already taken a turn for the worse.

"ongoing critical infrastructure protection effort" and "national security" and "security clearance" for CIO's... interesting...

Mike ===================================================================

-- Michael Taylor (, January 11, 1999.

Clinton to CIO's "Ok, here's the deal, we only got room and supplies for two million people. We want you to make a list of people with the following skills........

-- Nikoli Krushev (, January 11, 1999.

In DOD and no doubt elsewhere there are levels and levels of clearances. When the issuing agency is in a hurry they can cut a lot of corners. I was issued a AEC "Q" clearance in a month after I started work for the prime contractor at the Nevada Test Site (1955). But to go up in one of the shot towers required a special temporary clearance, even though when I went up only a mockup of the test device was in the cab.

Advice to any CIO receiving such a clearance: don't ever disagree with Edward Teller. He'll clean your clock: you'll lose your clearance, and your job. Just ask J. Robert Oppenheimer.

-- Tom Carey (, January 12, 1999.

Posted this on the FEMA links, too. Interesting FEMA & Y2K new employee background.

Does anyone else find it UNUSUAL to have an ex-DoD person over at FEMA now? -- Diane

FEMA Profile:

Mike Walker, ex-DoD and Pentagon guy now working at FEMA, responsibilities include overseeing FEMAs terrorism activities and the agencys FY2000 appropriations process. He will coordinate FEMAs Y2K activities...


Robert M. "Mike" Walker: Deputy Director


-- Diane J. Squire (, January 12, 1999.

...his responsibilities include overseeing FEMAs terrorism activities..."

hey diane that was a good one!

-- a (a@a.a), January 13, 1999.

Moderation questions? read the FAQ