FISMA News

From: GovInfoSecurity.com

Eric Chabrow, Executive Editor, GovInfoSecurity.com

The lack of government-wide definitions for information security occupations means the agencies with the largest IT budgets don’t know how many cybersecurity experts they employ.

That’s one finding in a Government Accountability Office report released Tuesday that details how eight surveyed agencies have taken varied steps to implement workforce planning for IT security personnel. The report, entitled Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, also revealed:

From: Government Security News

In October, the Securities and Exchange Commission (SEC) Division of Corporation Finance released a guidance document that outlines disclosure practices for public companies, in light of the most recent spike in cyber security attacks and associated data breaches.

The guidance document hints that companies have to pay more attention to assessing the impact of cyber security attacks and their outcomes; especially as it relates to weaknesses in the security posture and preventive measures of their organization.

From: GovWin.com

by Prem Iyer, CISSP / PMP

In an earlier post, Preparing for the Fight, I discussed that most agencies are ill-prepared when it comes to protecting their assets against the latest cyber threats. This point was validated last month when the Government Accountability Office (GAO), as part of the Federal Information Security Management Act of 2002 (FISMA), reported that persistent weaknesses in information security controls, due to incomplete implementation of security programs, resulted in a very serious spike in incidents across agencies.

From: Washington Post

By Jay Rockefeller and Michael Chertoff

We have been in enough classified briefings over the years to know the details of the most significant threats to our national security and our way of life. One vulnerability in particular keeps us up at night: the state of our nation’s cybersecurity.

The directors of national intelligence under President George W. Bush and President Obama have called cyberattack the greatest long-term threat to our nation. Adm. Mike Mullen, the former chairman of the Joint Chiefs of Staff, has put it even more starkly, saying that cyberattacks pose one of only two existential threats to the United States. Russia’s nuclear weapons constitute the other — and amount to a threat that, Mullen says, is under control.

From: WSJ