bnv.fnr.search/tags;tile=1;pos=top;sz=728x90;ord=
2:18 am, October 23, 2014

Search Result

Search Tags:  FISMA

Is your BlackBerry spying on you?

Committee passes information security act

Tags: Federal Drive , Cybersecurity Update , cybersecurity , BlackBerry ,

Friday - 05/21/2010, 08:30am EDT

GAO: VA systems open to cyberattack

NASA sidesteps flaws in FISMA, Microsoft to give feds early warning on security

Tags: Federal Drive , Cybersecurity Update , cybersecurity , VA , NASA , Microsoft , GAO

Thursday - 05/20/2010, 08:30am EDT

Bill would create White House cyber office

Reps. Langevin and McCaul introduce legislation that takes into account many of the recommendations of the Commission on Cybersecurity for the 44th President. The White House cyber office would have full policy and budget authority over all civilian agencies.

Tags: technology , Jim Langevin , Mike McCaul , Diane Watson , House Oversight and Government Reform Committee , House Cybersecurity Caucus , cybersecurity ,

Thursday - 05/06/2010, 06:39pm EDT

FISMA REFORM

Major changes are coming to the way federal agencies deal with cyber- security. In issuing new guidance over FISMA (The Federal Information Security Management Act), the Office of Management and Budget wants to find out the cybersecurity status of all civilian agency networks. One requirement is that agencies submit real-time data about the state of their networks. The second; a government-wide benchmarking study on the state of cybersecurity. The third; a series of interviews between OMB and agencies to tailor cybersecurity programs to each agencies needs.

Tags: technology , Cyber Security Report , Office of Management and Budget , OMB

Monday - 04/26/2010, 03:29am EDT

OMB shifts to real time cybersecurity monitoring

New White House guidance calls for agencies to submit data feeds to OMB's Cyberscope tool. Federal CIO Vivek Kundra hopes the information will give agencies a better idea of vulnerabilities and threats to computer networks. Agencies may have to shift money away from traditional reports to upgrade systems to meet new FISMA requirements.

Tags: technology , cybersecurity , Vivek Kundra , Howard Schmidt , Tom Carper , OMB , State , VA , NASA , Justice , DHS , USDA , Treasury , DoD , Alan Paller , Real time monitoring , Cyberscope

Thursday - 04/22/2010, 06:57am EDT
Listen

OMB to study how agencies deal with computer systems

WFED's Jason Miller reports.

Tags: technology , management , cybersecurity , Jason Miller

Wednesday - 04/21/2010, 06:06pm EDT
Listen

How to lock down data

Hear host John Gilroy talk with Yong-Gon Chon of Services SecureInfo Corporation about FISMA, security and more.
Feb. 2, 2010

Tags: Gov 2.0 , security , information assurance , IA , NIST special publication 800-53 Rev 3 , vulnerability scanning , incident response , IV& V sercices , SI-CAP , Federal Tech Talk , John Gilroy , Yong-Gon Chon , Services SecureInfo Corporation

Friday - 01/29/2010, 12:57pm EST
Listen

Cyber Security - Five Key Challenges

In addressing the importance of cyber security as a government priority in testimony before a Senate Homeland Security and Governmental Affairs subcommittee last fall, Vivek Kundra, the Federal Chief Information Officer, said:

"Our Nation's security and economic prosperity depend on the stability and integrity of our Federal communications and information infrastructure." Federal News Radio has reportedthat the federal government will spend $8.3 billion on computer security this year - marking a 60% increase in four years. As Federal information security decision-makers allocate dollars and resources to protect our infrastructure, it is important to prioritize the key challenges they face. These include:

    1. Increased use of mobile devices.Mobile devices are becoming smaller and faster every day. Agencies face even more challenges as mobile applications have now become widely used and they are even looking to build their own mobile applications to increase their productivity in the field.
    2. Continued movement of data into the cloud. Cloud computing has become a pervasive buzzword but in the end, risk stems from a matter of oversight and control. Agencies must rely on strong governance and compliance oversight of their service providers since they do not own or control the systems where their data resides.
    3. Changing regulatory environment. NIST has undergone sweeping changes across their Special Publications by introducing a new Risk Management Framework and introducing new nomenclature such as "Security Authorization." OMB continues to press their performance metrics as a part of the FISMA reporting process and could see some changes in the next 9 months.
    4. Application security. Attackers have now moved their focus from the network and infrastructure level to the application layer. We're seeing more attacks proliferated through applications such as Adobe and web browsers but some high profile data breaches stemmed from custom web applications through SQL injection attacks.
    5. Developing/maturing offensive capabilities. "Understanding the offensive to build the defensive" has become the mantra for today's cyber security efforts. The ability to understand the mindset of an attacker and their methods becomes critical in building defenses that focus on these attack vectors. Reigning in the changes can pose a difficult problem for several agencies but it ultimately comes down to understanding the threats to your particular agency and narrowing your defenses on those areas. Focus and prioritization become key in the constant battle.

Tags: technology , Trusted Advisor Blog , cyber security , homeland security , cloud , NIST , OMB

Tuesday - 02/02/2010, 10:46am EST

Looking at OMB's Proposed FISMA Performance Metrics

While 2010 turns the page to a new decade, many threats from the past 10 years persist. In the cyber security world, nations such as China continue building cyber capabilities from an offensive and defensive perspective, resulting in what has become a new arms race.

In response to these threats, the Federal government hopes to shore up its defensive capabilities by mandating new FISMA performance metrics that incorporate "real-time" countermeasuresówith real-time being the keyword. Real-time denotes the ability to identify, act, and respond to minimize the impact of attacks. This leads to our movement of increasing situational awareness and our ability to detect threats as they occur instead of reacting after the damage has been done. While real-time measures provide many benefits, they also carry a hefty price tag for agencies looking to implement these capabilities. Real-time capabilities can only be implemented through automated technologies and solutions. These technologies carry significant costs further straining the department or agency's already thin cyber security resources.

Government agencies currently possess varying levels of maturity to implement and maintain these capabilities and, in some cases, do not possess these capabilities at all. Although they are absolutely necessary in any "defense-in-depth" strategy, the key question becomes "How much?" and "How fast?" can we implement them. With shrinking budgets and tougher times, it becomes a difficult exercise in prioritizing investments, especially when FISMA may formally capture progress and impact an agency's grades and ultimately, their budget.

It would be impossible to implement these capabilities within a 6-12 month period, at least not effectively. Organizations need to take a risk-based approach to prioritizing initiatives and developing a strategy that allows agencies to prioritize their investments to obtain the greatest return and most importantly the biggest risk reduction to support their missions.

Tags: technology , Trusted Advisor Blog , OMB , cyber security

Wednesday - 01/27/2010, 12:44pm EST

Agency cybersecurity reporting to get makeover

OMB has launched new tool to automate FISMA reporting. This data will help populate a new cybersecurity dashboard, federal CIO Vivek Kundra says. OMB also wants to collect more specific data around how much and where agencies are spending money on IT security.

Tags: technology , cybersecurity , security , Vivek Kundra , John Streufert , Tom Carper , OMB , State , Senate Homeland Security and Governmental Affairs , DHS , NIST , CIO Council , metrics , dashboard

Friday - 10/30/2009, 07:01am EDT
Listen
  •  
  • 11
  •