[ISN] FISMA Mandates Monthly Security Reports For Agencies

From: InfoSec News <alerts_at_private>
Date: Fri, 16 Sep 2011 01:06:57 -0500 (CDT)
http://www.informationweek.com/news/government/security/231601481

By Elizabeth Montalbano
InformationWeek
September 15, 2011

Federal agencies must begin reporting security data to an online 
compliance tool as part of fiscal year 2011 requirements for the Federal 
Information Security Management Act (FISMA).

The Department of Homeland Security (DHS) outlined new requirements for 
FISMA, the National Institute of Standards and Technology (NIST) 
security standard for federal IT solutions. One of them calls for 
agencies to establish monthly data feeds to CyberScope, a compliance 
tool developed to help the feds to better and more actively monitor 
cybersecurity.

The tool was announced in late 2009 under then U.S. CIO Vivek Kundra, 
who at the time said it would help the feds not merely "collect 
information for information's sake," but work to actively improve its 
security posture.

Indeed, CyberScope represents a major shift in the way federal agencies 
report FISMA compliance in that it replaces once-a-year compliance 
reporting with a more operational, consistent approach.

[...]


_____________________________________________________________
Register now for the #HITB2011KUL - Asia's premier
deep-knowledge network security event now in it's 9th year!
http://conference.hitb.org/hitbsecconf2011kul/
Received on Thu Sep 15 2011 - 23:06:57 PDT

This archive was generated by hypermail 2.2.0 : Thu Sep 15 2011 - 23:16:21 PDT