The Office of Personnel Management (OPM) received a mostly positive Federal Information Security Modernization Act (FISMA) audit from its Office of the Inspector General (OIG) this year, but the agency still needs to fill some security gaps – such as improving its IT security training program. […]
The Peace Corps – an independent Federal agency that dispatches volunteers around the world – has made “significant progress” in enhancing its information security posture over the past year, but it is “falling short” of meeting what the White House defines as an “effective level of security.” […]
Federal agencies saw an almost 10 percent rise in cyber incidents throughout fiscal year (FY) 2023, according to the latest Federal Information Security Modernization Act (FISMA) report to Congress. However, despite the surge, the report also highlights an increase in improved cyber detection capabilities. […]
A new report from the Government Accountability Office (GAO) reveals that Federal agencies’ implementation of the Federal Information Security Modernization Act (FISMA) continued to be mostly ineffective in recent years, and it calls on the Office of Management and Budget (OMB) to develop better metrics to evaluate the effectiveness of FISMA. […]
The Office of Management and Budget (OMB) said in its FY2022 FISMA Report that the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program counted 48 Federal agencies that were making notable progress on deployments of endpoint and detection response (EDR) technologies by the end of fiscal year 2022 that ended last Sept. 30. […]
A Small Business Administration (SBA) Office of Inspector General (OIG) report summarizing the results of its fiscal year (FY) 2021 Federal Information Security Modernization Act (FISMA) evaluation rates SBA’s overall program of information security as “not effective.” […]
Join MeriTalk and Cohesity on May 3 from 1:30 p.m. to 2:30 p.m. Eastern time for a fresh assessment of high value asset protection at Achieving Cyber Resiliency: A Roadmap to Protect Agency High Value Assets webinar. […]
The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]
Two senior House leaders on Federal technology issues said today they are looking for decisive action soon on legislation to update the Federal Information Security Management Act (FISMA), and codify and improve the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). […]
Bipartisan leaders of the House Oversight and Reform Committee today introduced their version of legislation that would update the Federal Information Security Modernization Act (FISMA), which sets cybersecurity requirements for Federal civilian agencies. […]
House Oversight and Reform Committee leadership today unveiled their draft legislation to make major changes to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]
Industry leaders today urged the House Oversight and Reform Committee to strengthen the Federal Information Security Management Act (FISMA) to keep up with evolving cyber threats and place a greater emphasis on cybersecurity outcomes, rather than compliance. […]
The House Oversight and Reform Committee will debut draft legislation next week to adopt major reforms to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]
The Office of Management and Budget (OMB) on December 6 issued new Federal Information Security Management Act (FISMA) guidance to Federal agencies for Fiscal Years 2021-2022 that promotes agency action on several items in the Biden administration’s Cybersecurity Executive Order issued in May, and that also aligns with aspects of current Senate legislation on FISMA reform. […]
MITRE Corp., the operator of Federally-funded R&D centers that aim to help the U.S. government with a host of scientific and tech research issues, is advancing a series of recommendations for congressional action on high-profile cybersecurity issues prior to Senate action beginning Nov. 29 on the FY2022 National Defense Authorization Act (NDAA) which features numerous provisions that would impact Federal cyber defenses. […]
Federal Chief Information Security Officer (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May. […]
House Oversight and Reform Committee Chairwoman Carolyn Maloney, D-N.Y., and several chairs of the panel’s key subcommittees today asked inspectors general (IGs) from ten Federal agencies for assessments of any cybersecurity vulnerabilities that were created or worsened by the use of telework systems during the coronavirus pandemic, and whether any such vulnerabilities have been mitigated. […]
CenturyLink said on Sept. 1 that the company has attained FISMA (Federal Information Security Management Act) High certification for its federal network operations centers and security operations centers. […]
The Office of the Inspector General (OIG) at NASA blamed the lack of information security programs, missing contingency plans, and ineffective IT security handbooks for the agency’s Federal Information Security Modernization (FISMA) Act shortcomings in Fiscal Year 2019. […]
Federal agencies got better at fending off cyberattacks and improving their overall cybersecurity posture last year, according to the Fiscal Year 2019 Federal Information Security Modernization Act (FISMA) Annual Report to Congress. […]
The Department of Housing and Urban Development (HUD) is missing the mark on records management and privacy requirements to the tune of more than one billion records that contain personally identifiable information (PII), the agency’s Inspector General (IG) said in a recent report. […]
While the Department of Labor (DOL) has consistently complied with Federal Information Security Management Act (FISMA) standards, the Office of the Inspector General (OIG) reported on Dec. 23 that the agency’s information security program is, overall, ineffective. […]
The Election Assistance Commission generally complies with Federal Information Security Management Act (FISMA) requirements, but the policies in place are not enough to protect agency information, according to a Jan. 2 report released by the EAC Office of the Inspector General (OIG). […]
For the first time in the history of the House Oversight and Reform Committee’s FITARA Scorecard, three agencies received “A” grades and set the bar higher for the 24 CFO Act agencies going forward into 2020. […]
The Office of Personnel Management (OPM) made progress during Fiscal Year 2019 on cybersecurity issues, and closed eight prior recommendations from its Office of Inspector General (IG) during the year, according to the IG’s 2019 Federal Information Security Modernization Act (FISMA) audit. […]
The Office of Management and Budget released its updated guidance for complying with the Federal Information Security Modernization Act of 2014 (FISMA), setting the timeline for Federal agencies to assess their cybersecurity posture. […]
The Consumer Financial Protection Bureau (CFPB) performed well on its fiscal year 2019 FISMA audit, reaching a Level 4 and meeting the threshold for effectiveness, according to a report released October 31 by CFPB’s inspector general. […]
The Treasury Department received mixed results on its fiscal year 2019 FISMA audit, with few weak spots identified but still falling below the level of effective, according to the audit released October 25 by the department’s inspector general. […]
The Federal Maritime Commission (FMC), the agency regulating U.S. international ocean transportation, is not responding to cybersecurity vulnerabilities in a timely manner, according to a FISMA audit from its Office of the Inspector General (OIG). […]
The Federal Labor Relations Authority (FLRA) continues to meet Federal Information Security Modernization Act (FISMA) requirements with few areas of concern, according to a report by the FLRA Office of the Inspector General (OIG) released on Oct. 30. […]