Tag Archives: FISMA

OIG Report: NASA Must Improve Info Security Controls, Contingency Plans

NASA

NASA’s Office of the Inspector General (OIG) has found that the agency failed to implement an enterprise-wide information security program and that it had inaccurate and incomplete security plans for six information systems. The OIG claims that four out of six systems were operating without contingency plans or with outdated plans meant to meet requirements.

Read More »

Accenture Federal Services Receives FedRAMP Authorization for MDR Cyber Capability; David Dalling, Aaron Faulkner Quoted

Accenture Federal Services (AFS) has been awarded Federal Risk and Authorization Management Program (FedRAMP) authorization for Managed Detection and Response cyber capability, a threat monitoring and incident response cloud solution, the company announced on Thursday.

Read More »

CISA, OMB Issue Draft Policies on Vulnerability Disclosure

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has released a draft binding operational directive that would require federal agencies to have a vulnerability disclosure policy.

Read More »

GAO: Agencies Need to Bolster Information Security Efforts

The Government Accountability Office has evaluated the information security programs of federal agencies and the Office of Management and Budget's performance in supervising these efforts. GAO said Friday it found that the majority of its study's 16 sample agencies exhibited weaknesses in most areas of security control.

Read More »

OMB Guidance Sets New Continuous Diagnostics & Mitigation Requirements for Agencies

The Office of Management and Budget has issued an updated guidance that outlines new Continuous Diagnostics and Mitigation program requirements for agencies to comply with the Federal Information Security Modernization Act of 2014, FedScoop reported Friday. The memo now directs agencies to submit justification should they choose to buy continuous monitoring tools and capabilities outside of the General Services Administration’s IT Schedule 70 CDM tools special item number, CDM Dynamic and Evolving Federal Enterprise Network Defense and other contract vehicles.

Read More »