Archive for November, 2010

From: Emergency Management

State and local governments are closer than ever to having a single view available of the cyber-attacks and security vulnerabilities they are facing, thanks to groundbreaking work by a cross-sector organization that’s bringing them together.

The not-for-profit Multi-State Information and Analysis Center (MS-ISAC) is on the cusp of significant growth, said the organization’s chair, Will Pelgrin, and new participants will be able to utilize a new threat monitoring center recently launched by MS-ISAC that will give state and local governments better security intelligence in near real-time.

November 23, 2010 – Eric Chabrow, Executive Editor, GovInfoSecurity.com

The Department of Transportation’s chief information officer has questioned the effectiveness of Federal Information Security Management Act audits in securing government IT systems.

“Prior administrations attempted to address FISMA performance through short-term redirection, or by addressing immediate audit findings, without addressing the systematic issue limiting and impacting agency program performance,” DOT CIO Nitin Pradhan, in a memo prepared by CISO Andrew Orndorff, wrote in response to a DOT inspector general report critical of the department’s compliance with FISMA during fiscal year 2010.

CISOs, CIOs Priorities Don’t Necessarily Mesh
November 19, 2010 – Bruce Brody

FISMA designates departmental and agencies chief information officers as the primary official responsible for their organizations’ IT security. Among the CIOs’ duties under the Federal Information Security Management Act: designating a senior agency information security officer. That explains why agencies have placed chief information security officers under CIOs or deputy CIOs, far down the chain of command. But is this the right place for information security in a federal agency?

The Hill
By Gautham Nagesh – 11/16/10 10:53 AM ET

A leading technology industry group is urging Congress to extend an expired federal research and development tax credit and pass cybersecurity measures during the lame-duck session.

“This Congress still has the opportunity to help hone America’s competitive edge in the global innovation economy,” said TechAmerica President Phil Bond. “The R&D Credit is a jobs credit — an extension should be a no-brainer in a time of uncertain recovery.”

The Digital Government Institute has announced the following FISMA training seminar:

2011 FISMA: Understanding the New Process, Requirements and Responsibilities

February 14 – February 15, 2011

OMB and NIST over the past year have issued in Special Publication 800-37 the new standards for gaining approval for operating IT systems for all Federal organizations, including the DoD and Intelligence communities. This moved us from a 4-phase Certification and Accreditation (C&A) process to a 6-step Authorization process. This process has radically changed the way the U.S. government is securing and reporting the status of their IT systems. Increased emphasis is now being placed on including risk management, near-real-time awareness, automation, program management, and continuous monitoring concepts and solutions to secure Government IT systems. Also, there are new responsibilities and requirements at all levels within the government and supporting contractor organizations to meet the 2011 FISMA requirements. This 2-day course provides an awareness of strategies for meeting these new requirements.