Cloud computing initiatives, network monitoring and risk management are driving network security operations. Meanwhile, federal agencies face record levels of threats yet still rely on manual processes and outdated point tools. Agency network security operations must be modernized to streamline network security...
Certification and accreditation (C&A) has been like alphabet soup. As it transitions to assessment and authorization (A&A), it's time to sort through the confusion and identify which terms and processes apply in any given situation.
This paper sorts through the confusion to identify which terms, approaches, and...
A watchdog agency report highlighting data security violations by a Department of Veterans Affairs medical contractor offers a reminder to all healthcare organizations about similar risks their business associates can pose - especially if BAs are inadequately monitored.
As we look ahead to the remainder of 2016, U.S. federal CIOs and their teams face big opportunities as well as challenges in achieving the federal "Cloud First" strategy issued back in 2011.
"Federal CISOs and their teams face a daunting challenge daily of staying FISMA-compliant and secure while moving their...
Being FISMA compliant is tough enough. Doing so in a hybrid cloud, especially when pressured to be FedRAMP certified and continuously monitor systems, adds to the challenge.
Download this whitepaper to explore:
The challenges of being compliant and secure in a hybrid environment;
Products and strategies to...
President Obama has tapped veteran CIO Tony Scott as the top government IT official whose responsibilities include overseeing agencies' compliance with FISMA, the law that governs federal government IT security.
We're taking a different tack at GovInfoSecurity this year, recognizing information security leaders who have never appeared on any of our five previous Top Influencers lists. Find out who made the top 10.
Consider President Obama's signing of the Federal Information Security Modernization Act this month an early birthday present for Sen. Tom Carper, the chief sponsor of the legislation that updates FISMA.
The sponsor of Senate-approved FISMA reform, Tom Carper, says it's not a done deal because the House has a dispute over which committee - Homeland Security or Oversight and Governmental Reform - has jurisdiction over the legislation.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Recalling an up to 10-day delay in Homeland Security helping other agencies cope with the Heartbleed vulnerability, DHS's Phyllis Schneck champions FISMA reform legislation that would codify the department's role as guardian of civilian agency IT.
With fewer employees, and still fewer - if any - IT security experts on staff, small federal agencies face challenges not confronted by larger ones, and congressional auditors say DHS and OMB should give them more help.
A Senate committee has approved legislation to reform the 12-year-old law that governs federal information security, plus two other cybersecurity-related bills. The full Senate will now consider the measures.