Automated FISMA Reporting Tool Unveiled
The Office of Management and Budget this month unveiled an interactive collection tool called CyberScope that should help agencies fulfill their IT security reporting requirements under the Federal Information Security Management Act.
via Automated FISMA Reporting Tool Unveiled.
DHS agencies don’t sustain info security programs, IG says — Federal Computer Week
Homeland Security Department agencies don’t sustain their information security programs year-round or perform continuous monitoring to maintain systems’ accreditations and action plans, according to DHS Inspector General Richard Skinner.
The IG’s findings come from an annual independent evaluation of the department’s information security programs required by the Federal Information Security Management Act (FISMA)
via DHS agencies don’t [...]
Federal Taskforce To Focus On Cybersecurity Metrics — Cybersecurity — InformationWeek
FISMA metrics need to be rationalized to focus on outcomes over compliance,” Kundra wrote in a blog post announcing the move. “Doing so will enable new and actionable insight into agencies #FISMA
via Federal Taskforce To Focus On Cybersecurity Metrics — Cybersecurity — InformationWeek.
Cyber Defense: Size Doesn’t Matter – FISMA
I just received an “F” on the most recent FISMA report, so I had a lot of work to do there to get into compliance with that mandate. Also saw a whole lot of people working very hard, trying to improve security. I think it was a matter of just needing some direction, some coordination, [...]
FISMA Gets Teeth – S.773 and S.778 The Cybersecurity Act of 2009
A bill to ensure the continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve [...]
OMB Unveils Automated FISMA Reporting System
Changes are coming to the way federal CIOs will report how their departments and agencies comply with the Federal Information Security Management Act, but the revisions have nothing to do with new ways to measure how secure are government IT systems and networks. Starting this fall, departments and agencies must use a new automated reporting [...]
Agencies riddled with security holes, GAO says — Federal Computer Week
The GAO’s auditors said a recent audit that examined how well agencies were protecting information and complying with the Federal Information Security Management Act (FISMA) found significant problems.
“These persistent weaknesses expose sensitive data to significant risk, as illustrated by recent incidents at various agencies,” GAO said. “Further, our work and reviews by inspectors general note [...]
Google to get cloud FISMA certified as other government uses cause concern
Google wants to make its Internet cloud compliant with the Federal Information Security Management Act in the next year.
Dave Girouard, president of Google Enterprise said Wednesday during the National Defense University conference on cloud computing that the technology giant is certifying and accrediting its Internet cloud service for use by civilian and Defense Department agencies.
via [...]
FISMA Reform: Making Room for Innovation
Just days before perpetrators executed one of the broadest denial of service attacks against federal-interest IT systems, the Government Accountability Office was on the Hill presenting its recommendations for reforming FISMA; including plans to enhance and improve testing, policy, communications, reporting and auditing.
With IT security resources so heavily invested in policy, audits and compliance reporting, [...]
FISMA—a roadblock for EHRs?
The new worry from CMS, according to Government Health IT, is that healthcare providers sharing EHR files will be required to meet FISMA standards, which include an annual security test and FISMA certification.
via FISMA—a roadblock for EHRs? – OhMyGov! – General News.
