Suzanne Spaulding, the nominee to be the deputy undersecretary of the National Protection and Programs Directorate, told Senate lawmakers DHS had to reduce the number of federal devices that will be covered by the CDM program because of budget shortfalls.
An update to the Federal Information Security Management Act and the Cybersecurity Enhancement Act of 2013 passed through the House Tuesday night. The Cybersecurity Information Sharing and Protection Act also passed, but faces a veto threat because of concerns over data protection.
An independent group's report offers ways for agencies to evolve to continuous monitoring and risk-based approaches to cybersecurity within the existing Federal Information Security Management Act, and proposes more cooperation between CIOs and agency inspectors general.
Federal agencies reported more than 48,000 cyber attacks in 2012 and continue to struggle to defend their networks, according to a new report from the Government Accountability Office. Senators are now renewing their push for comprehensive cyber legislation, which would include an update to FISMA.
The 10-year-old law created a centralized oversight and advocate in OMB for IT management and programs. It also focused on making the government more citizen-centered and having agencies collaborate on delivering services to the public.
A look at the events shaping cybersecurity policy in the federal government over the past six years.
Six years after the Veterans Affairs data breach, civilian agency networks and computers are more secure. Current and former federal officials and cyber experts say from secretaries on down, the threat of a cyber attack and the impact on mission is well understood.
The annual reporting memo gives agencies 57 questions and answers as they prepare their 2012 cybersecurity report.
The agency plans to release solicitations to help agencies implement sensors to detect threats, followed by industry-provided services to analyze them. Congress approved $183 million to begin in 2013 to help get continuous monitoring off the ground more quickly.
Matt Coose left government after more than 20 years. In his final position as director of the Federal Network Service at DHS, he said the agency's cyber capabilities matured. And agency focus on securing federal networks has never been better.
The revised Cybersecurity Act of 2012 removes DHS from having sole oversight authority of critical infrastructure and shares the responsibility across an interagency council. The bill also would make the implementation of cyber standards by critical infrastructure operators voluntary. The legislation encourages an incentive-based program.
Homeland Security releases policy and guidance on how departments and vendors will implement continuous monitoring and get away from static reports on the cyber health of their systems. DHS is hoping Congress approves a $200 million funding request to buy five different commercial cyber tools, a dashboard and a security data warehouse in 2013.
The U.S. Agency for International Development saw their FISMA scores drop to an F grade. Jerry Horton, USAID's chief information officer, said they will fix their shortcomings this year. June 21, 2012
Despite a veto threat from the President, the House passed the Cyber Intelligence Sharing and Protection Act (CISPA) Thursday , along with three other cybersecurity bills.
The House of Representatives is expected to take up several cybersecurity bills next week, one of which is aimed at updating the Federal Information Security Management Act. So far, the bill has earned bipartisan support.