[Federal Register Volume 75, Number 239 (Tuesday, December 14, 2010)]
[Notices]
[Pages 77934-77935]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2010-31324]
=======================================================================
-----------------------------------------------------------------------
SMALL BUSINESS ADMINISTRATION
Small Business Information Security Task Force
AGENCY: U.S. Small Business Administration.
ACTION: Notice of meeting minutes.
-----------------------------------------------------------------------
SUMMARY: The SBA is issuing this notice to publish meeting minutes for
the Small Business Information Security Task Force Meeting.
DATES: 1 p.m., Wednesday, November 10, 2010.
ADDRESSES: The meeting was held via teleconference.
SUPPLEMENTARY INFORMATION: Pursuant to section 507(i)(4)(A) of the
Credit Card Accountability Responsibility and Disclosure Act of 2009,
SBA submits the meeting minutes for the second meeting of the Small
Business Information Security Task Force. Chairman Rusty Pickens called
the meeting to order on November 10, 2010 at 1 p.m. Roll call was taken
and a quorum was established. An overview of the last meeting was
provided. Introductions were provided for Dr. Babita Gupta, and
Katherine White, both of whom were unable to attend the first meeting.
Dr. Gupta and Ms. White then each provided a brief overview to the
group.
Ms. Frances Henderson provided that the focus for today is on what
resources the group will need going forward in terms of personnel,
systems, and software as there will be lots of material to collate
before being able to produce a final report. Input to define tasks and
how to keep the group on schedule were sought. It was indicated the
work plan will continue to be developed.
Mr. Pickens recapped the Task Force scope of work and asked
everyone to keep the charter readily available and to review Section
507 of the authorizing law as it provides the requirements for the work
the Task Force has been directed to complete. The focus is to examine
resources available nationwide for small business on privacy and
technology concerns and then collate the data. A gap analysis then
needs to be performed to determine how effective the programs are and
provide a report to the Administrator with recommendations of what can
be done to improve on them. The Task Force has until the end of 2013 to
complete the report but it is hoped that the work could be completed
sooner. It was also clarified that there is no authorization for the
Task Force to establish any new programs; the Task Force has only been
directed to report to the Administrator their recommendations.
[[Page 77935]]
A discussion was held on possible methodology for research and gap
analysis. Solicitations on how to organize the gathered data and
compile lists was sought. It was stated that it is important that
topics don't get missed during the first pass of data sorting. To help
with this work, Mr. Michael Mitchell volunteered to be a liaison to the
PCI Standards organization. He stated that they have a small business
section with lots of potentially valuable information and would be
happy to work with them on behalf of the Task Force to gather
information from them.
The discussion evolved into the need for resources and a software
tool to capture, store, and list all of the gathered data. This
discussion highlighted the need for qualitative caveats, as the amount
of information such as certification and training resources could be
enormous. The issue of funding and licenses for the purpose of this
project was discussed. A question on Task Force funding was asked. Mr.
Pickens stated that an appropriation of finances was included within
the authorizing law to support the Task Force. Mr. Pickens agreed to
consult the appropriate parties to determine if it was indeed
allocated.
During the open floor portion of the meeting, Mr. Terry Erdle
volunteered to interface on behalf of CompTIA to the list of Trade
Associations, as CompTIA functions both as a certifying body and a
Trade Association for the computing technology industry itself. Mr.
Aaron Berstein then volunteered to contact Microsoft to inquire into
the possibility of Microsoft providing an online collaborative space
software tool for use. Additionally, Dr. Babita Gupta volunteered to
look at resources within the nonprofit and academia sectors for
available research that would be helpful to the Task Force.
At the conclusion of the meeting, everyone was instructed to take
away the draft work plan handout as a starting point for brainstorming
how to handle the task of gathering, sorting, and reporting back on the
data. Responses on the document were requested to be provided to Mr.
Pickens by Friday, December 3, 2010, who will then consolidate them all
into a single document for discussion at the next meeting.
The meeting was adjourned at 1:42 p.m.
FOR FURTHER INFORMATION CONTACT: Rusty Pickens, Special Consultant to
the Office of the CIO, U.S. Small Business Administration,
[email protected].
Paul T. Christy,
SBA Chief Information Officer.
[FR Doc. 2010-31324 Filed 12-13-10; 8:45 am]
BILLING CODE 8025-01-P