Abstract :
The Ginger Cohen Act of 1998 assigned responsibility for ensuring cybersecurity within US federal organizations to the chief information officer, and the Federal Information Security Management Act underscored that responsibility. Every federal CIO is required to report to the Office of Management and Budget quarterly on the status of critical systems. What exactly does it mean to be responsible for cybersecurity? For a CIO, however, ensuring cybersecurity means all that and a lot more. Frequently, it involves learning a whole new language and anticipating previously unheard of threats. It means overseeing a layered defence strategy that spans technical, organizational, and operational control; establishing policies and procedures binding the use community´s access to the organization´s IT resources; and learning the intricacies of such things as firewalls, intrusion detection, and content-filtering capabilities
