Home / Tag Archives: risk management (page 5)

Tag Archives: risk management

Terry McAuliffe Directs Virginia IT Agency to Expand Cyber Risk Mgmt Activities

Virginia Gov. Terry McAuliffe has issued an executive directive to expand the state’s cyber-related risk management activities in support of efforts to strengthen cybersecurity measures. The governor’s office said in an announcement posted Aug. 31 that Executive Directive 6 mandates the Virginia Information Technologies Agency to update its data and computer systems inventory. The directive also …

Read More »

Michael Daniel: Cyber Should Be Part of Agency, Corporate Risk Mgmt

White House Cybersecurity Coordinator Michael Daniel believes that cyber defenses at many government agencies still have room for improvement amid an increase in awareness of potential threats, FierceGovernmentIT reported Thursday. Dibya Sarkar writes that Daniel told his audience at this week’s Aspen Forum there is a lack of incentives for stronger cybersecurity and a …

Read More »

Pentagon: Climate Change Affects US Military’s Global Security Operations

The Defense Department has published a report that examines climate change’s impact on humanitarian assistance and disaster relief missions, infrastructure and security cooperation efforts of U.S. combatant commands worldwide. DoD said Wednesday it conducted the “National Security Implications of Climate Change” study following a request from the Senate Appropriations Committee …

Read More »

Emile Monette: GSA Begins Work on Cyber Risk Framework for IT Systems Acquisitions

The General Services Administration has started to develop a cybersecurity risk profile for federal agencies to use when they purchase information technology products and services, Federal News Radio reported Friday. Emile Monette, senior adviser for resilience and cybersecurity at GSA’s Office of Governmentwide Policy, told the station agencies will work to prioritize risk …

Read More »

Essye Miller: Risk Management Framework for DoD IT Builds Commonality, Flexibility

The Defense Department‘s transition to the Risk Management Framework has helped streamline the secure integration of information technology systems and applications into the DoD network, FierceGovernmentIT reported Wednesday. Dibya Sarkar writes that contractors and military users found the previous DoD Information Assurance Certification and Accreditation Process challenging in terms of complexity, …

Read More »

Ron Ross: NIST Working on Final Guidance to Integrate Cyber Efforts

The National Institute of Standards and Technology is finalizing guidance for the integration of cybersecurity across the government’s mission areas to counter the increasing number of cyber attacks, Federal News Radio reported Thursday. Jason Miller writes NIST fellow Ron Ross noted that the “Systems Security Engineering: An Integrated Approach to Building Trustworthy Resilient Systems” (Special …

Read More »

FFIEC Notes Inherent Risk, Preparedness as Cybersecurity Factors for Financial Institutions

The Federal Financial Institutions Examination Council says that financial institutions should focus their cybersecurity measures on managing inherent risk factors and engage executive leadership in evaluating an institution’s preparedness. FFIEC said in a report published Monday that it conducted a cybersecurity assessment of 500 financial institutions earlier this year and found that inherent …

Read More »

Mark Naggar: HHS Buyers Club Continues Program Evaluation After 1st Contract

Mark Naggar, program manager of the Department of Health and Human Services‘ Buyers Club, say the initiative is moving forward with its first contract to further develop procurement agility functions, Fedscoop reported Wednesday. Billy Mitchell writes that Naggar has noted future website changes, continued collaboration across the federal government and efforts to collect feedback on …

Read More »

FDA’s Suzanne Schwartz: Medical Device Manufacturers Need to Protect Against Cybersecurity Risks

The U.S. Food and Drug Administration recommends that cybersecurity measures become an inherent part of medical device design and development in the recently released final guidance for device manufacturers on cybersecurity risk management. “There is no such thing as a threat-proof medical device,” Suzanne Schwartz, director of emergency preparedness/operations and medical countermeasures at …

Read More »