Only seven out of 24 agencies are more than 90 percent compliant with the Federal Information Security Management requirements, and more than half saw their compliance score decline compared to last fiscal year’s numbers, according to an Office of Management and Budget review.
via FISMA compliance eludes agencies — Federal Computer Week.
Amazon Web Services LLC AWS, an Amazon.com company NASDAQ: AMZN, today announced it has received Federal Information Security Management Act FISMA Moderate Authorization and Accreditation from the U.S. General Services Administration.
via Amazon Media Room:News Release.
The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS Level 1
via Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News.
The National Institute of Standards and Technology (NIST) has issued the final version of its Guide to Industrial Control Systems (ICS) Security (SP 800-82),* intended to help pipeline operators, power producers, manufacturers, air traffic control centers and other managers of critical infrastructures to secure their systems while addressing their unique performance, reliability, and safety requirements
via Final Version of Industrial Control Systems Security Guide Published, National Inst.
The National Institute for Standards and Technology (NIST) has published an 84-page draft of its cloud computing guidelines, NIST Cloud Computing Synopsis and Recommendations, or SP 800-146, and is seeking comment from federal agencies and the public on its recommendations.
via NIST Releases Federal Cloud Guidelines — InformationWeek.
The White House proposal, which is a comprehensive cybersecurity plan, includes a provision directing the Department of Homeland Security (DHS) “to exercise primary responsibility within the executive branch for information security
via Infosecurity (USA) – White House cybersecurity proposal shifts FISMA responsibility to DHS.
Cyber attacks on the federal government increased in 2010 over the previous year, even though the total number of cybersecurity incidents was down overall, according to a new report from the Office of Management and Budget (OMB).
via Federal Cyber Attacks Rose 39% In 2010 — Cybersecurity — InformationWeek.
Managing Information Security Risk: Organization, Mission, and Information System View (NIST Special Publication 800-39) provides the groundwork for a three-tiered, risk-management approach that “fundamentally changes how we manage information security risk at the federal level,” says Ron Ross, NIST Fellow and one of the principal authors of the publication.
via New publication fundamentally changes federal information security risk management.
Computer scientists at the National Institute of Standards and Technology (NIST) are requesting comments from interested parties on their biennial update of the catalog of security controls for the federal government. The security control catalog provides a comprehensive set of management, operational and technical safeguards—protective measures—that can be used by federal agencies to help protect federal information systems. The deadline for comment submission is April 29, 2011.
via NIST seeks comments on security control catalog for federal information systems and organizations.
