A new report from the Government Accountability Office (GAO) reveals that Federal agencies’ implementation of the Federal Information Security Modernization Act (FISMA) continued to be mostly ineffective in recent years, and it calls on the Office of Management and Budget (OMB) to develop better metrics to evaluate the effectiveness of FISMA. […]

The Office of Management and Budget (OMB) said in its FY2022 FISMA Report that the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program counted 48 Federal agencies that were making notable progress on deployments of endpoint detection and response (EDR) technologies by the end of fiscal year 2022 that ended last Sept. 30. […]

A Small Business Administration (SBA) Office of Inspector General (OIG) report summarizing the results of its fiscal year (FY) 2021 Federal Information Security Modernization Act (FISMA) evaluation rates SBA’s overall program of information security as “not effective.” […]

The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]

Two senior House leaders on Federal technology issues said today they are looking for decisive action soon on legislation to update the Federal Information Security Management Act (FISMA), and codify and improve the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). […]

Bipartisan leaders of the House Oversight and Reform Committee today introduced their version of legislation that would update the Federal Information Security Modernization Act (FISMA), which sets cybersecurity requirements for Federal civilian agencies. […]

House Oversight and Reform Committee leadership today unveiled their draft legislation to make major changes to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]

Industry leaders today urged the House Oversight and Reform Committee to strengthen the Federal Information Security Management Act (FISMA) to keep up with evolving cyber threats and place a greater emphasis on cybersecurity outcomes, rather than compliance. […]

The Office of Management and Budget (OMB) on December 6 issued new Federal Information Security Management Act (FISMA) guidance to Federal agencies for Fiscal Years 2021-2022 that promotes agency action on several items in the Biden administration’s Cybersecurity Executive Order issued in May, and that also aligns with aspects of current Senate legislation on FISMA reform. […]

MITRE Corp., the operator of Federally-funded R&D centers that aim to help the U.S. government with a host of scientific and tech research issues, is advancing a series of recommendations for congressional action on high-profile cybersecurity issues prior to Senate action beginning Nov. 29 on the FY2022 National Defense Authorization Act (NDAA) which features numerous provisions that would impact Federal cyber defenses. […]

Federal Chief Information Security Officer (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May. […]

House Oversight and Reform Committee Chairwoman Carolyn Maloney, D-N.Y., and several chairs of the panel’s key subcommittees today asked inspectors general (IGs) from ten Federal agencies for assessments of any cybersecurity vulnerabilities that were created or worsened by the use of telework systems during the coronavirus pandemic, and whether any such vulnerabilities have been mitigated. […]

CenturyLink said on Sept. 1 that the company has attained FISMA (Federal Information Security Management Act) High certification for its federal network operations centers and security operations centers. […]

The Office of the Inspector General (OIG) at NASA blamed the lack of information security programs, missing contingency plans, and ineffective IT security handbooks for the agency’s Federal Information Security Modernization Act (FISMA) shortcomings in Fiscal Year 2019. […]

The Department of Housing and Urban Development (HUD) is missing the mark on records management and privacy requirements to the tune of more than one billion records that contain personally identifiable information (PII), the agency’s Inspector General (IG) said in a recent report. […]

While the Department of Labor (DOL) has consistently complied with Federal Information Security Management Act (FISMA) standards, the Office of the Inspector General (OIG) reported on Dec. 23 that the agency’s information security program is, overall, ineffective. […]

The Election Assistance Commission generally complies with Federal Information Security Management Act (FISMA) requirements, but the policies in place are not enough to protect agency information, according to a Jan. 2 report released by the EAC Office of the Inspector General (OIG). […]

For the first time in the history of the House Oversight and Reform Committee’s FITARA Scorecard, three agencies received “A” grades and set the bar higher for the 24 CFO Act agencies going forward into 2020. […]

The Office of Personnel Management (OPM) made progress during Fiscal Year 2019 on cybersecurity issues, and closed eight prior recommendations from its Office of Inspector General (IG) during the year, according to the IG’s 2019 Federal Information Security Modernization Act (FISMA) audit. […]

The Office of Management and Budget released its updated guidance for complying with the Federal Information Security Modernization Act of 2014 (FISMA), setting the timeline for Federal agencies to assess their cybersecurity posture. […]

The Consumer Financial Protection Bureau (CFPB) performed well on its fiscal year 2019 FISMA audit, reaching a Level 4 and meeting the threshold for effectiveness, according to a report released October 31 by CFPB’s inspector general. […]

The Treasury Department received mixed results on its fiscal year 2019 FISMA audit, with few weak spots identified but still falling below the level of effective, according to the audit released October 25 by the department’s inspector general. […]

The Federal Maritime Commission (FMC), the agency regulating U.S. international ocean transportation, is not responding to cybersecurity vulnerabilities in a timely manner, according to a FISMA audit from its Office of the Inspector General (OIG). […]

The Federal Labor Relations Authority (FLRA) continues to meet Federal Information Security Modernization Act (FISMA) requirements with few areas of concern, according to a report by the FLRA Office of the Inspector General (OIG) released on Oct. 30. […]

A report by the U.S. Consumer Product Safety Commission’s (CPSC) Office of Inspector General (OIG) found that CPSC is making progress in implementing Federal Information Security Modernization Act (FISMA) requirements, but still has more work to do in that area. […]

A spotty risk management strategy, along with poor security control assessment procedures, is undermining the Federal Deposit Insurance Corporation (FDIC)’s ability to identify and detect network security threats, according to an FDIC Office of the Inspector General (OIG) report released on Oct. 23. […]
