Barring a catastrophic cyberattack in the next few days to motivate legislators to act, don't expect lawmakers to vote on any cybersecurity bill for the remainder of the current Congress.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
The logjam in Congress on passing significant cybersecurity legislation could be broken when Republicans assume control of the Senate next year. Here's why.
Recalling an up to 10-day delay in Homeland Security helping other agencies cope with the Heartbleed vulnerability, DHS's Phyllis Schneck champions FISMA reform legislation that would codify the department's role as guardian of civilian agency IT.
A Senate committee has approved legislation to reform the 12-year-old law that governs federal information security, plus two other cybersecurity-related bills. The full Senate will now consider the measures.
Legislation before the House to excise from federal law the requirement that NIST work with the NSA on cybersecurity standards wouldn't likely stop the two federal agencies from continuing to collaborate.
As the number of cybersecurity incidents increases, departments and agencies are doing a better job of complying with the law that governs IT security in the U.S. federal government, a new report to Congress from the White House says.
Days before the release of the Obama administration's cybersecurity framework, Senate Republicans issued a report detailing vulnerabilities in federal IT, suggesting the White House get its own house in order.
Jeh Johnson, the new secretary of Homeland Security, is expected to become one of the top advocates of the administration's cybersecurity policy as the White House shifts more IT security responsibilities to DHS.
The White House is intensifying its effort to get federal agencies to adopt continuous monitoring and move away from the paper-based checklist compliance they've followed for a decade under the Federal Information Security Management Act.
Jeh Johnson, at his confirmation hearing to be the next Homeland Security secretary, pledges to fix internal cybersecurity problems at DHS before seeking further authority to have the department help other agencies get their IT security houses in order.
The Federal Information Security Amendments Act would require agencies to continuously monitor their IT systems for cyberthreats and implement regular threat assessments.
The bill's chief sponsor says agencies struggle with cyberthreats. "This update to FISMA will incorporate the last decade of technological innovation, while also addressing FISMA shortcomings realized over the past years," Rep. Darrell Issa says.
Debate over cybersecurity bills last year, coupled with recent, highly publicized attacks, has raised the visibility of the threat, and that could push Congress to enact IT security legislation in 2013, White House Cybersecurity Coordinator Michael Daniel says.
As enterprises move more applications to the cloud, continuous monitoring will play a greater role in assuring the software is patched in a timely manner, says John Streufert, DHS director of federal network resilience.