IITP on Improving Govt IT Security
Paul Matthew of IITP has five proposals for making Govt IT more secure.
- Establish a Chief Information Security Officer for All of Government
- Create a one-stop central “hotline” where breaches can be reported
- Develop and publish guidelines on how to handle a notification
- Establish Ethical Disclosure Guidelines
- Establish a Bug Bounty programme
All look pretty good ideas to me. Anyone got some others they would add to the list?