SEARCH RESULTS
 
Showing 1-10 of 25 records
 
Expand article

FISMA Report Card News, Formulas, and 3 Myths

The Article has images
2008-05-27 16:36:28 by rybolov in The Guerilla CISO
...FISMA Report Cards Paragraph about how agencies are failing to secure their data, the report card says so History and trending of the report card Discussion on changing FISMA Quote from Karen Evans Quote from Alan Paller about how FISMA is a failure and checklist-driven security Wondering when the government will get their act together Have a...
 
Tags: report card, fisma report card, fisma, fisma measures, fisma compliance title, fisma report cards, security, security programs based, framework
 
 
 
 
Expand article

Government Sent Home with a C on FISMA Report Card

2008-08-05 13:43:51 by Julia Lim in ScienceLogic
 
...FISMA For the third year in a row, the governments overall FISMA grade improved. But dont get too excited; the grade only improved from a C- to a C this year. (And D+ in 2005 But theres a lot to hide in an average grade. Turns out that the reality is a split between overachievers and underachievers The agencies/departments with a grade of A-,...
 
Tags: fisma average grade, average grade, fisma, grade, fisma grade, scorecard, fisma scorecard, fisma requirements, requirements
 
 
 
 
Expand article

FISMA Report Cards IssuedResponse is Rote by Now

The Article has images
2008-05-21 15:36:29 by rybolov in The Guerilla CISO
...FISMA report card for 2007 has been issued. You can go check it out here . I cant believe it, but DHS scored a B against all odds And of course, by now the response to the report card is all roteeverybody wonders what the letters really mean SC Magazine IDG IT Business Edge Federal Times Washington Post Security Focus Yeah, yeah, I guess it...
 
Tags: report, fisma, fisma report card, security, measure security, enterprise-wide security, report card, security stuff, security lgopps
 
 
 
 
Expand article

No, FISMA Doesnt Require That, Silly Product Pushers

2008-07-31 14:36:31 by rybolov in The Guerilla CISO
 
...FISMA really is : Secure64 DNSSEC Press Releases FISMA Act encourages U.S. government agencies to configure their DNS servers to the DNSSEC security specifications set by the National Institute of Standards and Technology, and it has been reported that the federal government s Office of Management and Budget (OMB) plans to begin enforcing...
 
Tags: fisma, fisma requires, fisma act encourages, stamp fisma, dnssec, dnssec requirements, dns, standard, dns servers
 
 
 
 
Expand article

More on Georgias FISMA Reporting

The Article has images
2008-05-19 22:02:29 by rybolov in The Guerilla CISO
...FISMA-esque metrics. I just found the policy statement for what theyre collecting in 2008 . On a side note, all of Georgias security policies feature concepts borrowed from NIST , something I like Lets talk about the scope creep of Government security, shall we? Fact of the matter is, its going to happen, and youll get eventually get caught...
 
Tags: government, government security, federal government, government contractor, government service provider, data, exchange data, fisma, transfer data
 
 
 
 
Expand article

Now ISC2 Blogs have an Opinion on FISMA

The Article has images
2008-06-02 16:47:27 by rybolov in The Guerilla CISO
...FISMA Report Armchair Quarterbacks. Hey, even I fit in there somewhere because right now Im nowhere near being in a decision-making role for the Government Well, today its the ISC2 blog talking about FISMA So why is it that nobody addresses the huge pink and chartreuse elephant in the room? The problem is not the metrics, as flawed as they...
 
Tags: security, security baseline, large-scale security, security investment, security people, security practitioners time, time, government, federal government
 
 
 
 
Expand article

William Jackson on FISMA: It Works, Maybe

2008-06-30 21:03:54 by rybolov in The Guerilla CISO
 
...FISMA: Ive said it time and time again, the law is good and doesnt need to be changed, the execution is the part that needs work Bookmark to
 
Tags: free time, free, security policies remain, government, security, time, william jackson, government computer news, nist special publications
 
 
 
 
Expand article

Federal Information Security and Management Act -- Five Years On

2007-12-18 02:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast
 
...FISMA) just completed its fifth year on the books as a federal law As the follow up to the Government Information Security Act of 2000, FISMA established an updated legal framework for federal information security, including baseline security standards for federal agencies. I remember that the information security community was excited about...
 
Tags: federal information security, management act, fisma, baseline security standards, information security community, mixed bag, federal law, focus, legal framework
 
 
 
 
Expand article

US Government planning to spend 10% of its IT budget on cyber-security by 2009.

2008-02-25 13:59:58 by Khalid Kark in Security & Risk Management
 
...FISMA. These numbers may seem a little out of whack, but here is why I think the US government is headed in the right direction 1. US government should be spending more than the commercial sector. The impact of a successful attack on US government infrastructure would entail much more than reputation damage. It would effect the morale of the...
 
Tags: cyber-security, budget, cyber-security budget, security, government, measure security, security budgets, mature security postures, government infrastructure
 
 
 
 
Expand article

House committee issues report and finds fault with TSA web site

The Article has images
2008-01-15 09:35:53 by Evan Francen in The Breach Blog