TRENDING:

Eight Elements of an Effective Plan for FISMA Compliance

netForensics • July 31, 2009  
Eight Elements of an Effective Plan for FISMA Compliance Complying with FISMA requirements can be tough. It's almost always time consuming, costly, and complex�and for some agencies it seems impossible to achieve. A recent GAO congressional report says that most agencies continue to have security weaknesses in major categories of controls. This puts U.S. economic and national security interests at risk. In fact, with the growing sophistication of security attacks, we've actually seen a dramatic rise in security incidents reported by agencies over the past few years.

If you're one of these agencies that's still struggling to achieve FISMA compliance, maybe it's time to jumpstart your risk management program.

Start by asking the following questions:

  • How do we protect our security boundaries and access points?
  • Which assets are at risk?
  • What should we include in our security incident procedures?
  • What are the expectations of real-time vulnerability alerts?
  • What is the importance of conducting periodic testing and evaluation?
  • Are your business line managers accountable for maintaining the security of their personnel, systems, facilities, and information?

If any of these leave you wondering, a new white paper, Closing the Control Gaps: Eight Elements of an Effective Plan for FISMA Compliance, can help you answer these and other important questions. This important paper from netForensics focuses on eight security practices that are essential to a successful compliance and cyber defense strategy. It discusses how you can leverage your existing technology and tools to identify, assess, and report on security-related issues, information, and events. The paper also offers insight into how you can ultimately provide tangible evidence of your efforts so you can meet FISMA compliance.

Previous
Protecting Sensitive Data in the Public Sector
Next
Secure and Cost-Effective Data Transport



Around the Network

What's Inside Washington State's New My Health My Data Act
What's Inside Washington State's New My Health My Data Act
Are We Facing a Massive Cybersecurity Threat?
Are We Facing a Massive Cybersecurity Threat?
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
Closing Privacy 'Loopholes' in Reproductive Healthcare Data
How to Simplify Data Protection within your Organization
How to Simplify Data Protection within your Organization
Securing OT and IoT Assets in an Interconnected World
Securing OT and IoT Assets in an Interconnected World
CyberArk CEO Touts New Browser That Secures Privileged Users
CyberArk CEO Touts New Browser That Secures Privileged Users
Checking Out Security Before Using AI Tools in Healthcare
Checking Out Security Before Using AI Tools in Healthcare
Integrating Generative AI Into the Threat Detection Process
Integrating Generative AI Into the Threat Detection Process
Top Privacy Considerations for Website Tracking Tools
Top Privacy Considerations for Website Tracking Tools
Why Cyber Defenders Need Partnerships, Tools and Education
Why Cyber Defenders Need Partnerships, Tools and Education

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.