The Public Eye with Eric Chabrow

FISMA Author on FISMA Reform

FISMA Author on FISMA Reform

Tom Davis, the retired Virginia Republican who once headed the House committee charged with federal IT oversight, says the 7-year-old Federal Information Security Management Act needs to be taken to the next level to assure government IT systems are secure.

Davis, director of Federal Government Services at the consultancy Deloitte, recently spoke with my colleague Linda McGlasson, managing editor at GovInfoSecurity.com's sister site BankInfoSecurity.com, at the recent Payment Card Industry Security Standards Council community meeting in Las Vegas, where he delivered a keynote address. Here's the part of Linda's interview with Davis that addressed FISMA, which Davis authored.

McGLASSON: You will be giving some testimony next month on FISMA. A flavor of what some of that testimony might cover?

DAVIS: Well, I think it is time to take FISMA to the next level, and I will have some suggestions to talk about what they might want to do on that. One of the difficulties from FISMA at the outset was that the agencies get their report card and they sign their certifications each year in terms of where they are, but there is no punishment or reward. And the authorizers who write this stuff are so disjointed from the appropriators in Congress -- they have got to give this some muscle. They have got to make this a priority. There are just too many cooks in this thing, and everybody has got to sit around the table and say this is a problem, let's do it. Right now you have some people saying it's a problem, and some people focused on other items.

Click here to read the entire transcript of the interview.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.