Information Security: Agencies Make Progress in Implementation of Requirements, But Significant Weaknesses Persist

Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 16
Release: 2009-12
Genre:
ISBN: 1437917631

Without proper safeguards, fed. agencies' computer systems are vulnerable to intrusions by individuals and groups who have malicious intentions and can obtain sensitive info., commit fraud, disrupt operations, or launch attacks against other computer systems and networks. Concerned by reports of significant weaknesses in fed. systems, Congress passed the Fed. Info. Security Mgmt. Act (FISMA), which permanently authorized and strengthened info. security program, evaluation, and annual reporting requirements for fed. agencies. This is testimony on a draft report on: (1) the adequacy and effectiveness of fed. agencies' info. security policies and practices; and (2) their implementation of FISMA requirements.

The State of Federal Information Security

Author: United States. Congress. House. Committee on Oversight and Government Reform. Subcommittee on Government Management, Organization, and Procurement
Publisher:
Total Pages: 88
Release: 2010
Genre: Computers
ISBN:

Information Security

Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 88
Release: 2010-08
Genre: Computers
ISBN: 1437932223

The increase in security incidents and continuing weakness in security controls on information technology systems at federal agencies highlight the continuing need for improved information security. To standardize and strengthen agencies' security, the Office of Management and Budget, in collaboration with the Nat. Inst. of Standards and Technology, launched the Federal Desktop Core Configuration initiative in 2007. This report: (1) identifies the goals, objectives, and requirements of the initiative; (2) determines the status of actions federal agencies have taken, or plan to take, to implement the initiative; and (3) identifies the benefits, challenges, and lessons learned in implementing this initiative. Includes recommendations. Charts and tables.

Cybersecurity: Continued Federal Efforts are Needed to Protect Critical Systems and Information

Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 24
Release: 2009-12
Genre: Computers
ISBN: 1437918506

Federal laws and policy have assigned important roles and responsibilities to the Dept. of Homeland Security (DHS) and the Nat. Inst. of Standards and Tech. (NIST) for securing computer networks and systems. DHS is charged with coordinating the protection of computer-reliant critical infrastructure -- much of which is owned by the private sector -- and securing its own computer systems, while NIST is responsible for developing standards and guidelines for implementing security controls over information and information systems. This report describes cybersecurity efforts at DHS and NIST -- including partnership activities with the private sector -- and the use of cybersecurity performance metrics in the fed. gov't. Table and graphs.

Federal Information Security Issues

Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 7
Release: 2010-08
Genre: Computers
ISBN: 1437918638

Addresses additional questions arising from the May 19, 2009, hearing on federal information security held by the Subcommittee on Government Management, Organization, and Procurement. In that hearing, there was a discussion on the current state of information security throughout the federal government and agency efforts to comply with the requirements of the Federal Information Security Management Act of 2002 (FISMA). Congress had the following two questions: (1) Comment on the need for improved cyber security relating to S.773, the proposed Cybersecurity Act of 2009; and (2) Provide recommendations to improve the Federal Information Security Management Act. This report provides the responses.

Identity Theft: Governments Have Acted to Protect Personally Identifiable Information, But Vulnerabilities Remain

Author: Daniel Bertoni
Publisher: DIANE Publishing
Total Pages: 24
Release: 2009-11
Genre: Computers
ISBN: 1437918239

The loss of personally identifiable information, such as an individual's Social Security number, name, and date of birth, can result in serious harm, including identity theft. Identity theft, a serious crime that impacts millions of individuals each year, occurs when such information is used without authorization to commit fraud or other crimes. While progress has been made protecting personally identifiable information in the public and private sectors, challenges remain. This testimony summarizes: (1) the problem of identity theft; (2) steps taken at the fed., state, and local level to prevent potential identity theft; and (3) vulnerabilities that remain in protecting personally identifiable information, including in fed. information systems. Illustrations.

Information Security: Concerted Response Needed to Resolve Persistent Weakness

Author: Gregory C. Wilshusen
Publisher: DIANE Publishing
Total Pages: 21
Release: 2010-08
Genre: Computers
ISBN: 1437931235

Without proper safeguards, fed. computer systems are vulnerable to intrusions by individuals who have malicious intentions and can obtain sensitive info. The need for a vigilant approach to info. security (IS) has been demonstrated by the pervasive and sustained cyber attacks against the U.S. Concerned by reports of weaknesses in fed. systems, Congress passed the Fed. IS Management Act (FISMA), which authorized and strengthened IS program, evaluation, and annual reporting requirements for fed. agencies. This testimony discusses fed. IS and agency efforts to comply with FISMA. It summarizes: (1) fed. agencies' efforts to secure info. systems and (2) opportunities to enhance fed. cybersecurity. Charts and tables.