On Tue, 7 Oct 2008 14:07:04 -0400 (EDT)
Sean Donelan <[EMAIL PROTECTED]> wrote:
> On Tue, 7 Oct 2008, [EMAIL PROTECTED] wrote:
> > On Tue, 07 Oct 2008 11:30:11 CDT, "J. Oquendo" said:
> >> What about exceeding the minimum requirements for a change.
> > (I think you'll find that if somebody is actually willing to *pay*
> > for more security, there's plenty of outfits who are more than
> > happy to make it happen)
>
> What should the US Government buy for more security? And how can the
> US Government make sure they actually get what they are paying?
>
>
Right. The US government is a *huge* operation. Suppose you were the
CIO or the CSO for the US government (excluding the classified stuff)
-- what is the proper cybersecurity strategy?
--Steve Bellovin, http://www.cs.columbia.edu/~smb
