[ISN] Can agency systems handle new FISMA requirements?

From: InfoSec News <alerts_at_private>
Date: Thu, 22 Apr 2010 00:19:37 -0500 (CDT)
http://fcw.com/articles/2010/04/21/omb-fisma-reporting-042110.aspx

By William Jackson
FCW.com
April 21, 2010

New standards released today by the White House for reporting under the 
Federal Information Security Management Act will require agencies to 
shift from paper-based annual reports to real time data feeds of system 
status that will be correlated by the Homeland Security Department.

The new requirements are an effort to shift agencies away from 
paper-based compliance system to real-time visibility, and shift 
investments from recordkeeping to automated security systems.

"Agencies will not spend all of their energy to generate reports," 
federal Chief Information Officer Vivek Kundra told reporters during a 
press briefing today. The first agencies will begin reporting under the 
new requirements as early as June.

Although the requirements are intended to be met using existing 
commercial security products, not all agencies have adequate systems in 
place. "Some agencies are going to have to make investment to get their 
tools in place," Kundra said.

[...]


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/
Received on Wed Apr 21 2010 - 22:19:37 PDT

This archive was generated by hypermail 2.2.0 : Wed Apr 21 2010 - 22:30:45 PDT