The latest report to Congress on the implementation of the Federal Information Security Management Act runs 68 pages. But even after reading the entire report, don't be surprised if you can't tell if government IT systems are secure. Here's why.
Conventional wisdom suggests China isn't interested in disabling industrial control systems in the U.S. After all, such an act would be against its own economic interest. But is that type of thinking right?
The bill's chief sponsor says agencies struggle with cyberthreats. "This update to FISMA will incorporate the last decade of technological innovation, while also addressing FISMA shortcomings realized over the past years." Rep. Darrell Issa says.
Most people will remember March 13, 2013, as the day Cardinal Jorge Bergoglio ascended to the papacy as Pope Francis. But for those who consider cybersecurity vital for society's well-being, it's an historic date as well.
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
Cyber Command Commander Gen. Keith Alexander tells a Senate panel that it's vital that Congress enact legislation giving the nation's critical infrastructure owners liability protection so they can share cyberthreat information with the government.
Homeland Security Secretary Janet Napolitano and NIST Director Patrick Gallagher tell Congress that industry, not the government, will take the lead in establishing IT security best practices for infrastructure operators.
On the record, security experts talk about the improvements banking institutions have made in DDoS defense, and there's no doubt they have made major improvements. Off the record, they are less optimistic.