FISMA

Audit finds SBA’s information security program ‘not effective’ despite cyber improvements

by Dave Nyczepir • 4 days ago

The agency has boosted oversight of incident response, risk management and contingency planning, but continues to fall short of FISMA expectations.

Cybersecurity incidents down at federal agencies, no ‘major’ ones

by Dave Nyczepir • 8 months ago

The Office of Management and Budget cautioned, however, against drawing conclusions, given agencies' shifting reporting guidelines.

Why government is slow to endorse frameworks for quantifying cybersecurity risk

by Dave Nyczepir • 8 months ago

Until individual agencies like the Department of Energy and Department of the Treasury see success quantifying risk, the practice won't likely be mandated.

GAO reminds agencies of FISMA requirements, says OMB report is overdue

by Joe Warminsky • 8 months ago

As of fiscal 2018, "many federal agencies were often not adequately or effectively implementing their information security policies and practices" under the Federal Information Security Modernization Act.

Congress should exempt Pentagon from Clinger-Cohen Act, panel says

by Billy Mitchell • 1 year ago

The Section 809 Panel argues in a new report that Congress should exempt DOD from the Clinger-Cohen Act provisions under Title 40 of the U.S. Code.

Federal agencies reported more than 35,000 cyber incidents in 2017

by Billy Mitchell • 1 year ago

That's a substantial increase since last year.
