Smithsonian

The Smithsonian Institution (SI) made some progress in its Fiscal Year 2018 FISMA (Federal Information Security Modernization Act) audit, but still sat at around a Level 2 on the FISMA scale, according to a report released September 23 by the Smithsonian Office of Inspector General. […]

Department of Homeland Security DHS

The Department of Homeland Security (DHS) improved its performance on the department’s FISMA (Federal Information Security Modernization Act) audit, going from Level 3 in Fiscal Year 2017 to Level 4 in FY2018, an agency inspector general’s report issued this month shows. […]

Cyber Security Brainstorm

The Department of Veterans Affairs (VA) did not set an adequate level of access controls for its Beneficiary Fiduciary Field System (BFFS), which put personally identifiable information (PII) and personal health information (PHI) at risk, according to a report released September 12 by VA’s Office of the Inspector General (OIG). […]

The Department of Health and Human Services’ (HHS) Office of Inspector General (OIG) identified an uptick in security gaps in the Centers for Medicare & Medicaid Services’ (CMS) Medicare administrative contractors (MACs) information security programs in fiscal year 2018, according to an OIG report released Aug. 23.  […]

The Federal government saw a 12 percent reduction in cybersecurity incidents in fiscal year 2018, and no “major” cybersecurity incidents for the year, according to the Office of Management and Budget’s annual report on the Federal Information Security Modernization Act (FISMA). […]

Cyber Security Brainstorm

The Office of Management and Budget (OMB) needs to do more to help Federal agencies with FISMA (Federal Information Security Modernization Act) compliance, according to a recent Government Accountability Office (GAO) report. […]

Cloud computing

The Food and Drug Administration (FDA) is looking to expand its footprint in the cloud by creating direct connections to cloud service providers, according to a solicitation released July 15. Responses are due by July 29. […]

The Department of Homeland Security (DHS) issued a request for information (RFI) on July 16 for Information Assurance Compliance System (IACS) tools that can support FISMA (Federal Information Security Modernization Act) compliance checks and reporting. […]

jeanette manfra dhs nppd oc&c assistant secretary

Balancing cybersecurity with modernization – as well as strategies that organically create that balance – are critical as Federal agencies work toward modernizing their IT infrastructures, said Jeanette Manfra, assistant director for the Cybersecurity and Infrastructure Security Agency (CISA), today. […]

The National Security Agency (NSA) may have deep knowledge of signals intelligence and cyber, but the agency still faces challenges in implementing a strong cybersecurity posture under FISMA (the Federal Information Security Modernization Act), according to the agency’s inspector general. […]

The House Oversight and Reform Committee’s latest report card on how the 24 largest Federal agencies are progressing on critical IT initiatives reveals a core of relatively stable agency scores, but with several big twists that significantly impact grades for most agencies. […]

Cybersecurity cyber

Federal agencies are unprepared to confront and mitigate cyberthreats today, the Senate Homeland Security and Governmental Affair Committee Investigations Subcommittee determined in a report released today, recommending that agencies give CIOs more authority to make decisions on cybersecurity. […]

DOJ Department of Justice
VA, Veterans Affairs
NSF

A new Federal Information Security Modernization Act (FISMA) report reviewing the Justice Department’s (DoJ’s) Criminal Division (CRM) identified vulnerabilities in five of the eight domain areas in CRM’s 2018 information security program and practices. The public report, released May 23, only summarized the full audit, but the summary said that DoJ’s Office of the Inspector […]

IRS

When it comes to monitoring third-party tax software providers and paid tax preparers, the IRS has limited jurisdiction and controls in place to protect taxpayer information from cyberattacks, according to a report from the Government Accountability Office released Thursday, May 9. […]

Cyber Security Brainstorm

A new report from ACT-IAC (American Council for Technology-Industry Advisory Council) finds that zero-trust technologies are available and lend themselves to incremental installation, but need support from the mission side of the agency for effective implementation. […]

Cybersecurity cyber

The Department of Health and Human Services’ (HHS) FISMA (Federal Information Security Modernization Act) audit for fiscal year 2018, released today by HHS’ Office of the Inspector General (OIG), shows the agency improved its performance in the “Identify” and “Protect” areas of the framework, while holding steady in other areas. […]

The Nuclear Regulatory Commission’s (NRC) Office of Inspector General (OIG) found in an April 2 Federal Information Security Modernization Act (FISMA) report that NRC should improve its software and network management and security. […]

Department of Transportation

The Transportation Department’s (DoT) Office of Inspector General (OIG) found that the department had the second lowest maturity level for its information security systems, and that its cybersecurity functions were found to be inadequate in a Federal Information Security Management Act (FISMA) audit released last week. […]

DOJ Department of Justice

The Justice Department Office of the Inspector General (OIG) found that DoJ’s Justice Management Division’s (JMD’s) Justice Security Tracking and Adjudication Record System (JSTARS) was overall compliant with the Federal Information Security Modernization Act (FISMA) in an audit summary released yesterday. […]

data sharing

The Office of Inspector General (OIG) Export-Import Bank ((EXIM Bank) of the United States released KPMG’s independent audit report on EXIM Bank’s information security program for FY2018 on March 13. In the report, KPMG, a public accounting firm, provided 14 recommendations that “should strengthen…EXIM’s information security program.” […]

VA, Veterans Affairs

The Department of Veterans Affairs has made progress in meeting Federal Information Security Modernization Act (FISMA) requirements, but still needs to work on most of the recommendations from previous years, a new FISMA audit released last week found. […]

The Department of the Interior received 18 security-related recommendations in a KPMG Federal Information Security Modernization Act (FISMA) audit, which identified several information security risks across the agency. […]

DoD Pentagon Military

The Department of Defense puts a lot of effort into cybersecurity but still has some significant holes in its structure, some of them dating back a decade, according to a report issued earlier this month by the department’s Inspector General (IG). […]

Cyber Security Brainstorm

With emerging technologies like artificial intelligence (AI) and blockchain continuing to reveal their capabilities to the marketplace, Federal IT leaders discussed the potential–and the pitfalls–of implementing new technology in government during a Thursday session at an event hosted by the Armed Forces Communications and Electronics Association (AFCEA). […]

Federal Cloud Flag

While the Federal IT community is eager to embrace the benefits of cloud services, agency leaders are working to balance the transition to cloud with Federal policies and maintaining continuous operations, deputy CIOs from the Air Force and the Department of Veterans Affairs (VA) told the crowd at CES-Government on Friday in Las Vegas. […]

CDC

Categories