Members of the House Oversight and Accountability Committee on both sides of the aisle had nothing but good things to say about two major pieces of Fed-tech legislation today – one to reform the Federal Information Security Modernization Act (FISMA) and another to codify Federal governance of agency AI systems – during a full committee markup session today. […]

A new report from the Government Accountability Office (GAO) reveals that Federal agencies’ implementation of the Federal Information Security Modernization Act (FISMA) continued to be mostly ineffective in recent years, and it calls on the Office of Management and Budget (OMB) to develop better metrics to evaluate the effectiveness of FISMA. […]

The White House is calling on Federal agencies to prioritize creating internet of things (IoT) asset inventories by the end of fiscal year (FY) 2024 as a way to better gauge cybersecurity risks.  […]

The Internal Revenue Service (IRS) failed to review nearly 75 percent of IT security weaknesses within a timely manner in recent years due to staffing shortfalls, among other reasons, the Treasury Inspector General for Tax Administration (TIGTA) found in a recent report. […]

The Senate Homeland Security and Governmental Affairs Committee voted today to approve legislation for a major revamp of the Federal Information Security Modernization Act (FISMA), and a bill that would require Federal agencies to inventory their older, legacy IT systems and work on plans to modernize them. […]

Senate legislation unveiled July 12 to update the nine-year-old Federal Information Security Modernization Act (FISMA) is on its way to fast-track consideration by the Senate as part of the Fiscal Year 2024 National Authorization Act (NDAA) that the Senate is set to begin debating today. […]

The Office of Management and Budget (OMB) said in its FY2022 FISMA Report that the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program counted 48 Federal agencies that were making notable progress on deployments of endpoint and detection response (EDR) technologies by the end of fiscal year 2022 that ended last Sept. 30. […]

The Office of Management and Budget (OMB) said this week that reported cyber “incidents” involving Federal government systems declined by about five percent in fiscal year 2022 – to a total of 30,659 incidents – compared to the prior year’s tally. […]

A recent report from the Treasury Inspector General for the Tax Administration (TIGTA) based on fiscal year 2022 auditing of Internal Revenue Service (IRS) cybersecurity arrangements is finding mostly “ineffective” ratings for the agency’s cybersecurity program, which TIGTA said could put taxpayer data at risk. […]

Federal agencies have until September 30, 2023, to report at least 80 percent of their IT systems through the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, according to an OMB Federal Information Security Modernization Act (FISMA) guidance issued on Dec. 2. […]

A Small Business Administration (SBA) Office of Inspector General (OIG) report summarizing the results of its fiscal year (FY) 2021 Federal Information Security Modernization Act (FISMA) evaluation rates SBA’s overall program of information security as “not effective.” […]

Join MeriTalk and Cohesity on May 3 from 1:30 p.m. to 2:30 p.m. Eastern time for a fresh assessment of high value asset protection at Achieving Cyber Resiliency: A Roadmap to Protect Agency High Value Assets webinar. […]

The House Oversight and Reform Committee today approved by voice vote legislation that would update the Federal Information Security Modernization Act (FISMA). The committee’s vote sends the legislation to the full House of Representatives for consideration. […]

The House Oversight and Reform Committee is likely to release the 13th version of its FITARA Scorecard next week, with the House Government Operations Subcommittee also lining up a hearing to discuss the scorecard results. […]

Industry leaders today urged the House Oversight and Reform Committee to strengthen the Federal Information Security Management Act (FISMA) to keep up with evolving cyber threats and place a greater emphasis on cybersecurity outcomes, rather than compliance. […]

The House Oversight and Reform Committee will debut draft legislation next week to adopt major reforms to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]

Two major pieces of cybersecurity legislation – a Senate-approved bill to reform the Federal Information Security Management Act (FISMA), and another bill to standardize reporting requirements for major cybersecurity incidents – both failed to make the cut in the House-Senate conference version of the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) that passed the House Dec. 7. […]

Senate Majority Leader Chuck Schumer, D-N.Y., expects to have a final conference agreement for the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) this week, with votes potentially taking place into the weekend, Schumer wrote in a Dec. 6 Dear Colleague letter. […]

The Office of Management and Budget (OMB) on December 6 issued new Federal Information Security Management Act (FISMA) guidance to Federal agencies for Fiscal Years 2021-2022 that promotes agency action on several items in the Biden administration’s Cybersecurity Executive Order issued in May, and that also aligns with aspects of current Senate legislation on FISMA reform. […]

After returning from the Thanksgiving break yesterday, the Senate’s progress on consideration of the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) stalled last night with Senate Republicans refusing to vote for cloture due to disagreements on the amendment process for the defense spending act. […]

The Senate returned to work Monday afternoon to continue consideration of the fiscal year (FY) 2022 National Defense Authorization Act (NDAA), beginning a torrid stretch of legislative work leading up to the end of the calendar year. […]

MITRE Corp., the operator of Federally-funded R&D centers that aim to help the U.S. government with a host of scientific and tech research issues, is advancing a series of recommendations for congressional action on high-profile cybersecurity issues prior to Senate action beginning Nov. 29 on the FY2022 National Defense Authorization Act (NDAA) which features numerous provisions that would impact Federal cyber defenses. […]

After a potential setback late last week, Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, are still looking to attach their legislation to reform the Federal Information Security Modernization Act (FISMA) added to the Senate’s fiscal year (FY) 2022 National Defense Authorization Act (NDAA) making its way through the chamber, a Senate Homeland Security and Governmental Affairs Committee staffer told MeriTalk. […]

The Federal Deposit Insurance Corporation (FDIC) has a strong information security maturation, with an overall grade of 4 on a 5-point scale, but still has “significant security control weaknesses,” according to a recent audit of its information security practices released by the FDIC Office of the Inspector General (OIG). […]

The Senate Homeland Security and Governmental Affairs Committee voted unanimously today to advance for full Senate consideration of a bill that would extensively overhaul the 2014 version of the Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]

The Democratic and Republican leaders of the Senate Homeland Security and Governmental Affairs Committee have unveiled their long-awaited legislation to update the 2014 Federal Information Security Modernization Act that provides cybersecurity marching orders to Federal civilian agencies. […]

Federal Chief Information Security Officer Chris DeRusha said today that working to update the Federal Information Security Management Act (FISMA) – and generate more useful Federal agency cybersecurity metrics as a result – are among his top priorities currently. […]

Federal Chief Information Security Officer  (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May. […]

The Small Business Administration (SBA) Office of the Inspector General (OIG) said in its newly released annual Federal Information Security Modernization Act (FISMA) report for Fiscal Year 2020 that SBA’s  information security was “not effective” last year due in part to the COVID-19 pandemic. […]

House Oversight and Reform Committee Chairwoman Carolyn Maloney, D-N.Y., and several chairs of the panel’s key subcommittees today asked inspectors general (IGs) from ten Federal agencies for assessments of any cybersecurity vulnerabilities that were created or worsened by the use of telework systems during the coronavirus pandemic, and whether any such vulnerabilities have been mitigated. […]