FISMA addresses security issues in a comprehensive manner, covering everything from identity management to physical building security. This white paper focuses specifically on identity and access management (IAM) issues, using the guidance provided by NIST Special Publication 800-53 recommended Security Controls for...
Senate Majority Leader Harry Reid, in a letter, informed Minority Leader Mitch McConnell of his decision to bring cybersecurity legislation to the floor during the first work period of 2012 legislative session.
Because of increasingly constrained resources, DOT's Office of Chief Information Officer is unlikely to fix within a year some of the security shortfalls detailed in the inspector general's report, CIO Nitin Pradhan says.
It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.
In recent years, the government has taken steps to improve federal IT infrastructure. While the 9/11 terrorist attacks were certainly a wake-up call, legislation and reform was always inevitable, says Mark Forman, former federal CIO.
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
The shift to monthly reports of key metrics through CyberScope from annual FISMA filings allows security practitioners to make decisions using more information and more quickly than ever before, OMB Director Jacob Lew says.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The soon-to-be issued FY 2011 Chief Information Officer FISMA Reporting Metrics from the Department of Homeland Security will require agencies to report on their progress in automating the continuous measurement of the most critical security risks.
See our Full Coverage of the State of Government Information Security Today 2011 survey.
President Obama declared cybersecurity a national security priority in May 2009, in effect making the IT experts at all levels of government the frontline troops defending local, state and federal information assets.
Domain name systems are among the least known - but most important - security vulnerabilities for organizations in all sectors. But government agencies in particular need to be concerned about DNS security to protect their e-government initiatives.
In an exclusive interview on DNS security, Mark Beckett of Secure64...
U.S. government agencies are eager to gain the service and cost efficiencies of cloud computing, but the Government Information Security Today survey finds they have serious reservations about information security in the cloud.
Auditors find that the SEC's IT office documented and incorporated National Institute of Standards and Technology patch requirements in its policies and procedures but that guidance wasn't always followed.
The co-chair of the Commission on Cybersecurity for the 44th President praises the Obama administration's commitment to IT security, but says the administration has much more work to do to develop a comprehensive strategy to combat cyber threats.