The National Institute of Standards and Technology released a second draft of Special Publication 800-160, a guidebook for agencies to build cybersecurity processes into their day-to-day operations.
Cybersecurity experts say the government needs to address gaps in its IT systems and workforce to strengthen its defenses against data breaches, threats that are now a part of everyday federal operations.
Cabinet secretaries, members of Congress, federal leaders and family members celebrated the achievements of 10 federal employees at the 2015 Sammies awards dinner organized by the nonprofit Partnership for Public Service.
If recent events on the cybersecurity front have scared the heck out of you, well, good. There’s a lot you can do. How about starting by reading the latest version of one of the government’s premier publications on how to assess whether your security and privacy controls are adequate for today’s hacker-plagued world? Dr. Ron Ross, FISMA Implementation Project and Joint Task Force Leader at the National Institute of Standards and Technology, joined Tom Temin on the Federal Drive to discuss what’s in the newest revision of Special Publication 800-53-A.
Non-federal organizations and contractors may have sensitive federal information on their computers, but there are no consistent rules on how to keep that information secure. The treatment of Controlled Unclassified Information is the focus of a new set of recommendations. Ron Ross is a National Institute of Standards and Technology fellow. He is the lead author of the new guide, and joined Tom Temin on the Federal Drive to explain more.
The National Institute of Standards and Technology has launched a four-part plan to help agencies build more secure IT systems. NIST Computer Scientist Ron Ross, who guided a new publication on the issue, tells the Federal Drive with Tom Temin and Emily Kopp that the same engineering principles that apply to bridges and buildings should apply to IT. That is, security should be built in, not added later.
The goal is to more accurately evaluate the security of the government’s computer networks and systems. These efforts could bring more consistency to the cyber auditing process and engender more confidence in its results.
The inconsistent way inspectors general review the security of federal networks and computers is causing uncertainty around what is working and what isn’t in the federal government. A recent State Department IG management alert is a prime example of this growing disconnect.
Ron Ross of the National Institute of Standards and Technology wants feedback on the agency’s IT security and privacy controls. Deputy Commissioner Wanda Rogers of the Treasury Department’s Financial Management Service talks about the final transition to E-Payments. Philip Lohaus is a research fellow with the American Enterprise Institute and former Defense Department analyst who has studied and blogged about how the CIA is two organizations in one.