Naming a cybersecurity czar, reforming FISMA, securing cloud computing, enhancing cybersecurity R&D and updating the Privacy Act top list of summertime goals.
The Federal Information Security Management Act of 2002 (FISMA) was passed with the purpose of improving computer and network security at government agencies and government contractors. The Act called for increased security standards and yearly audits of the systems and processes, and tasked the National Institute of...
Everyone in government today is concerned with cyber security. While FISMA requires federal agencies to enhance their security posture, it remains a daunting task. Despite standardization from NIST and others, what is missing is a pragmatic evaluation of what an agency can do quickly to substantially tighten their...
The Federal Information Security Management Act remains the law of the land, so federal agencies must comply with its provisions until new legislation passes Congress and is signed by President Obama.
Some of the government's most influential officials on government IT paint a dire picture of IT security, agreeing that the Federal Information Security Management Act isn't working as originally intended to safeguard federal information systems.
The days of the Federal Information Security and Management Act as the instrument governing information security compliance in the federal government seem numbered.
As the first chief information security officer of Vermont, Kris Rowley's primary mission isn't to build an information security organization, but to create a culture of IT security and trust. In a state where many agencies operate their own independent information systems -- stovepipes, she calls them -- encouraging...
NIST computer scientists are providing guidance for a new way to automate the task of verifying computer security settings, and are seeking comment before issuing its final publication this summer.
Known as the Security Content Automation Protocol, or SCAP, the specification has recently been incorporated into...
Reform legislation before Congress expands the responsibilities of agency and departmental chief information security officers, but the post itself - though formalized - won't budge much on the organizational chart.
A new survey reveals the increased clout of agency CISOs, but IT security reform legislation would limit their visibility as agency leaders despite giving them more responsibilities.
It's a scene out of the movies: a team of hackers attacking key federal IT systems, creating havoc, with defenders countering to keep the computers up and running.
Forthcoming reforms to the Federal Information Security Management Act of 2002 are said to improve federal coordination of IT security efforts and provide for greater situational awareness of security threats.
Securing information is hard work, but combining accountability, best practices and a bit of common sense while meeting your agency's mission will go a long way to provide proper IT safeguards.