Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Transformative Technology: Desktop Virtualization in Government
- Value of Health IT
Shows & Panels
FISMA one step closer to overhaul
Tuesday - 6/1/2010, 5:06pm EDT
- The House took a major step forward to overhaul federal cybersecurity policy by passing the Defense Authorization Bill. The legislation includes and amendment to update the Federal Information Security Management Act, (FISMA). The new cybersecurity guidance will introduce performance based standards and guidelines. This is a marked changed from the current compliance based standards. But already cybersecurity experts are cautioning against the FISMA reforms. They says that although FISMA has improved cybersecurity, the overall results were not that impressive. Proponents of the bill hope to pass the full measure before the August Congressional Recess.
- Carnegie Mellon University's CERT (Computer Emergency Response Team) has released a basic fuzzing framework to help identify and eliminate security vulnerabilities from software products. ThreatPost.com reports that the Basic Fuzzing Framework (BFF) is described as a simplified version of automated dumb fuzzing and includes a Linux virtual machine that has been optimized for fuzz testing and a set of scripts to implement a software test. Fuzz testers, or fuzzers, are used by security researchers to find vulnerabilities by sending random input to an application.
Check out all of Federal News Radio's coverage of cybersecurity issues here.