Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mobile Device Management
- The Modern Federal Threat Landscape
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- Satellite Communications: Acquiring SATCOM in Tight Times
- Transformative Technology: Desktop Virtualization in Government
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
NIST rewrites FISMA standards as cyber threats evolve
Monday - 3/5/2012, 6:18pm EST
The revamped FISMA includes new guidance for insider-threat management, supply-chain risk and mobile security.
"The changes we propose ... are directly linked to the current state of the threat space — the capabilities, intentions and targeting activities of adversaries — and analysis of attack data over time," said Ron Ross, a NIST fellow and the agency's FISMA implementation project leader.
Ross joined In Depth with Francis Rose to discuss the FISMA additions.
"This has been a really big update for us," Ross said. "It's been a year in the making, and we took a complete scrub of the entire security-control catalogue looking at the current threat space."
There is also the addition of a new appendix on privacy and privacy controls to better balance security needs and the privacy of individual users, he added.
"The threat space continues to move forward," Ross said. "We're looking at a lot of data on cyber attacks, capabilities, intentions, targeting by adversaries. All that information is used in a cycle to update our documents ... So, we're always going to be trying to bring the best defenses to our customer we possibly can."
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.