Neupart Advisory Board Member testifies before the U.S. Congress regarding Federal IT Security

July 18, 2007

Paul Kurtz notes progress created by Federal Information Security Management Act, cites need for greater uniformity and adoption of international standards such as ISO 27001

Washington D.C. - July 18, 2007 - Neupart A/S, an industry leading information security risk management and awareness company, today posted on its website the transcript of Advisory Board member Paul Kurtz's testimony before a joint subcommittee of the U.S. Congress. Kurtz's testimony provided a review and assessment of the Federal Information Security Management Act (FISMA) of 2002, and provided some key recommendations for the improvement of Federal IT Security based on developments in the private sector.

"FISMA is a good first step in what will surely be a long - and increasingly collaborative - process between the public and private sectors in safeguarding the integrity of the Federal IT infrastructure. However, as timely and well intentioned as FISMA was in 2002, the current law must evolve if it is to be effective in light of new technology and continually emerging threats," said Kurtz, COO of Good Harbor Consulting, LLC, in his testimony. Among the key trends cited by Kurtz that are driving the need to evolve are the need for greater empowerment of federal Chief Information (Security) Officers, the changing nature of IT and information security and the global drive towards common security standards.

A key issue identified by Kurtz is the narrow metrics that don't necessarily fit all federal agencies and their security programs. Kurtz specifically identified the International Organization for Standardization (ISO) 27001 information security certification as a key part of the future of federal IT security. Said Kurtz, "ISO-27001 can be customized to the needs of individual organizations, thereby avoiding FISMA's 'one-size fits all' approach to cyber security."

According to Lars Neupart, CEO of Neupart A/S, "We understand that there is no panacea for the complex issues of information security, particularly as they relate to the problems faced by very large government agencies. However, we feel that the move towards international standards is irresistible and will provide some of the answers needed to help organizations tailor a standard framework to their policy needs. We expect both ISO 27001 and the Payment Card Industry Data Security Standard (PCI/DSS) to play an increasingly important role for organizations of all types and sizes. Neupart is committed to taking a leadership role in the discussion over security best practices and we thank Paul Kurtz for his contributions to public discourse."

Neupart is promoting industry awareness of ISO 27001 and other important security policy trends with thought leading educational content. Paul Kurtz's full transcript and our webcast, "ISO 27001: Today and Tomorrow", are both online at www.neupart.com/27k.

About Neupart

Neupart is a multinational corporation focused on strategic information security solutions, combined with the expertise of acknowledged partners worldwide. Neupart is an ISO 27001 certified company. Neupart's SecureAware is an unparalleled product suite allowing you to build a world class, standards-based information security management system that spans people, process and technology.
SecureAware's rich content, customizable tools and hierarchical security design allow your organization to perform enterprise risk management (ERM), create and disseminate rational policies and ensure organizational accountability through ingenious user awareness programs tied directly to your policies and processes. With a full ISO 27001/17799 content engine, SecureAware Enterprise provides the industry's most effective platform to achieve and maintain 27001 compliance and certification, and contains an elegant framework to map global security standards with your own locale-specific regulatory requirements. See www.neupart.com for more information about Neupart.

Contacts:

U.S.: Jim Reavis
Neupart Inc.
360.820.2545
jim.reavis@neupart.com

Denmark: Lars Neupart
Neupart A/S
+45 7025 8030
lars.neupart@neupart.com

 

About Neupart

Neupart, an ISO 27001 certified company, provides an all-in-one solution allowing organizations to achieve continuous compliance by automating activities for IT governance, risk management and compliance management. Whether you need to comply with PCI DSS, ISO 27001, Sarbanes-Oxley, WLA SCS, or manage evolving business risks, Neupart allows you to respond effectively and "future proof" your compliance program. More than 300 organizations worldwide are using SecureAware from Neupart, including governments, utilities, banks and insurance firms, IT Service providers and lotteries.
