The call for an overarching federal cybersecurity strategy comes in the wake of findings from U.S.-CERT that federal agencies reported a nearly eight-fold increase in cyber-incidents over seven years.
As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they all truly appreciate the risk that key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.
A new Congress - the 113th - comes to Washington in January, and the battles over IT security begin anew. Here's my take on how cybersecurity will take shape in 2013.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audits and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Federal CISOs face a unique cyber security challenge - copious amounts of regulatory compliance paperwork. At the same time, the Federal government responded to more than 106,000 cyber attacks in 2011 - including cyber exploits that injected viruses, stole information, and disrupted Federal network...
Both candidates have made fleeting references to cybersecurity during the presidential campaign, but neither has addressed the matter in detail. How different would a President Romney be from a second-term President Obama?
Too many organizations misunderstand exactly what continuous monitoring is, says Centrify's Matt Hur, who offers insights on how to deploy continuous monitoring solutions for the best results.
Government agencies are confronting an increasingly hazardous IT security environment. To address the growing number of threats, as well as the widespread deficiencies in security controls, the federal government is implementing FISMA 2.0, which emphasizes the need for enterprise-wide continuous monitoring.
The IRS's monitoring of its systems focused mostly on Federal Information Security Management Act and National Institute of Standards and Technology requirements, which aren't intended to assure the integrity of financial reporting, the GAO says.
All government agencies, contractors and organizations that exchange data directly with government systems must be FISMA compliant. This may include such diverse entities as data clearinghouses, state departments and military subcontractors if data is exchanged directly with federal government systems. Coverage may...
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
Legislation being drafted by an influential Republican House chairman to reform the Federal Information Security Management Act could, if enacted, reverse Obama administration policy on how IT security is governed in the federal government.
Tackling cybersecurity as a single enterprise, rather than through 26 major and 100-plus smaller departments and agencies, is one of the Obama administration's IT security aims, White House Cybersecurity Coordinator Howard Schmidt says.