Getting inspectors general and agencies' IT security heads to agree on how best to evaluate information security should strengthen U.S. federal government agencies' risk management frameworks, say former OMB leaders Karen Evans and Franklin Reeder.
A bill to reform the Federal Information Security Management Act, which is heading to the House of Representatives, delineates the responsibilities for each agency's chief information security officer. Read what they are.
The bill's chief sponsor says agencies struggle with cyberthreats. "This update to FISMA will incorporate the last decade of technological innovation, while also addressing FISMA shortcomings realized over the past years." Rep. Darrell Issa says.
Debate over cybersecurity bills last year coupled with recent, highly publicized attacks have raised the visibility of the threat, and that could push Congress to enact IT security legislation in 2013, White House Cybersecurity Coordinator Michael Daniel says.
The call for an overarching federal cybersecurity strategy comes in the wake of findings from U.S.-CERT that federal agencies reported a nearly eight-fold increase in cyber-incidents over seven years.
As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they truly all appreciate the risk key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.
A new Congress - the 113th - comes to Washington in January, and the battles over IT security begin anew. Here's my take on how cybersecurity will take shape in 2013.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Both candidates have made fleeting references to cybersecurity during the presidential campaign, but neither has addressed the matter in detail. How different would a President Romney be from a second-term President Obama?
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
The White House Office of Management and Budget, in its yearly Federal Information Security Management Act report to Congress, gives departments and agencies mixed grades in their efforts to secure federal IT for fiscal year 2011.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.