Too many organizations misunderstand exactly what continuous monitoring is, says Centrify's Matt Hur, who offers insights on how to deploy continuous monitoring solutions for the best results.
The IRS's monitoring of its systems focused mostly on Federal Information Security Management Act and National Institute of Standards and Technology requirements, which aren't intended to assure the integrity of financial reporting, the GAO says.
CIO Roger Baker concurs with the auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
Tackling cybersecurity as a single enterprise, rather than through 26 major and 100-plus smaller departments and agencies, is one of the Obama administration's IT security aims, White House Cybersecurity Coordinator Howard Schmidt says.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
Because of increasingly constrained resources, DOT's Office of Chief Information Officer is unlikely to fix within a year some of the security shortfalls detailed in the inspector general's report, CIO Nitin Pradhan says.
Senate Majority Leader Harry Reid, in a letter, informed Minority Leader Mitch McConnell of his decision to bring cybersecurity legislation to the floor during the first work period of the 2012 legislative session.
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
In recent years, the government has taken steps to improve federal IT infrastructure. While the 9/11 terrorist attacks were certainly a wake-up call, legislation and reform were always inevitable, says Mark Forman, former federal CIO.
The shift to monthly reports of key metrics through CyberScope from annual FISMA filings allows security practitioners to make decisions using more information and more quickly than ever before, OMB Director Jacob Lew says.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The soon-to-be-issued FY 2011 Chief Information Officer FISMA Reporting Metrics from the Department of Homeland Security will require agencies to report on their progress in automating the continuous measurement of the most critical security risks.
U.S. government agencies are eager to gain the service and cost efficiencies of cloud computing, but the Government Information Security Today survey finds they have serious reservations about information security in the cloud.