Agency Infosec Spend a Mystery to OMB
The White House Office of Management and Budget does not know how much its departments and agencies specifically spend on IT security, Federal CIO Vivek Kundra told a Senate panel Thursday.
Kundra said he was shocked to learn that the OMB never collected from agencies specific IT security expenditures, just aggregate data, when he took over [...]
Feds’ Security Spending On a Roll: Over 8 Percent Growth Over Next Five Years – DarkReading
The U.S. federal government’s IT security spending will jump from $7.9 million to $11.7 billion in 2014 thanks to tightening federal security regulations, a 300 percent jump in attacks on feds’ networks and systems during the past five years, and the Obama administration’s emphasis on security, according to new data from research firm Input.
via Feds’ [...]
Federal Taskforce To Focus On Cybersecurity Metrics — Cybersecurity — InformationWeek
“FISMA metrics need to be rationalized to focus on outcomes over compliance,” Kundra wrote in a blog post announcing the move. “Doing so will enable new and actionable insight into agencies #FISMA
via Federal Taskforce To Focus On Cybersecurity Metrics — Cybersecurity — InformationWeek.
CMS HIPAA Security Review: Encryption & Employee Background Checks Mandatory, MT Providers Next Under The Microscope?
The first batch of government reviews of covered entities (CEs) for compliance with the security rule revealed a host of deficiencies, ranging from failure to conduct even an initial risk assessment to inconsistent employee training, according to a summary of findings and recommended corrective actions recently released by CMS.
via The XY Files in an MT [...]
OMB Unveils Automated FISMA Reporting System
Changes are coming to the way federal CIOs will report how their departments and agencies comply with the Federal Information Security Management Act, but the revisions have nothing to do with new ways to measure how secure government IT systems and networks are. Starting this fall, departments and agencies must use a new automated reporting [...]
Google to get cloud FISMA certified as other government uses cause concern
Google wants to make its Internet cloud compliant with the Federal Information Security Management Act in the next year.
Dave Girouard, president of Google Enterprise, said Wednesday during the National Defense University conference on cloud computing that the technology giant is certifying and accrediting its Internet cloud service for use by civilian and Defense Department agencies.
via [...]
FISMA Reform: Making Room for Innovation
Just days before perpetrators executed one of the broadest denial of service attacks against federal-interest IT systems, the Government Accountability Office was on the Hill presenting its recommendations for reforming FISMA, including plans to enhance and improve testing, policy, communications, reporting and auditing.
With IT security resources so heavily invested in policy, audits and compliance reporting, [...]
FISMA—a roadblock for EHRs?
The new worry from CMS, according to Government Health IT, is that healthcare providers sharing EHR files will be required to meet FISMA standards, which include an annual security test and FISMA certification.
via FISMA—a roadblock for EHRs? – OhMyGov! – General News.
NIST releases final draft of the first security controls for all government information systems 800-53
The National Institute of Standards and Technology has collaborated with the military and intelligence communities to produce the first set of security controls for all government information systems, including national security systems.
The controls are included in the final draft version of Special Publication 800-53, Revision 3, titled “Recommended Security Controls for Federal Information Systems and [...]
FISMA Efficacy Questioned – Federal CIO Vivek Kundra
Recent breaches at the Federal Aviation Administration and at the vendor that hosts USAjobs.gov demonstrate that the state of federal information security is not what citizens should expect, federal CIO Vivek Kundra testified before the House Committee on Oversight and Government Reform’s Subcommittee on Government Management, Organization and Procurement. He said the seven-year-old Federal Information [...]




