"Achieving the objective of near real-time risk management means that organizations must have the flexibility to tailor their assessment activities based on where the information system is in its life cycle," NIST's Ron Ross says.
The White House takes a significant step to move federal departments and agencies toward real-time monitoring of their computer systems and networks and away from paper filings documenting compliance with the FISMA.
Why is it so difficult to provide information security for our government computer-based systems? Complexity is a major reason, but the force behind the Consensus Audit Guidelines offers ways to safeguard government IT.
New Federal Information Security Management Act guidance the Office of Management and Budget issue will focus on use of real-time security monitoring, funding IT security and building agency risk profiles.
FISMA reform legislation introduced by Rep. Diane Watson would have a Senate-confirmed White House cybersecurity director and a panel of government IT security specialists direct agencies on how they must safeguard federal digital assets.
The final installment of our five-part series on this year's top five federal cybersecurity challenges tackles the growing role the National Institute of Standards and Technology performs in securing government IT.