In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Members of the U.S. Congress may be more sensitive to cyberthreats than they were in the past, but that doesn't mean they truly all appreciate the risk key government and private-sector IT systems face, says House Cybersecurity Caucus Co-Chair Jim Langevin.
A new Congress - the 113th - comes to Washington in January, and the battles over IT security begin anew. Here's my take on how cybersecurity will take shape in 2013.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Both candidates have made fleeting references to cybersecurity during the presidential campaign, but neither has addressed the matter in detail. How different would a President Romney be from a second-term President Obama?
The IRS's monitoring of its systems focused mostly on Federal Information Security Management Act and National Institute of Standards and Technology requirements, which aren't intended to assure the integrity of financial reporting, the GAO says.
CIO Roger Baker concurs with auditor's recommendations, saying the Department of Veterans Affairs has "embarked on a cultural transformation" and that "securing information is everyone's responsibility."
Legislation being drafted by an influential Republican House chairman to reform the Federal Information Security Management Act could, if enacted, reverse Obama administration policy on how IT security is governed in the federal government.
Tackling cybersecurity as a single enterprise, rather than through 26 major and 100-plus smaller departments and agencies, is one of the Obama administration's IT security aims, White House Cybersecurity Coordinator Howard Schmidt says.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
Senate Majority Leader Harry Reid, in a letter, informed Minority Leader Mitch McConnell of his decision to bring cybersecurity legislation to the floor during the first work period of 2012 legislative session.
Because of increasingly constrained resources, DOT's Office of Chief Information Officer is unlikely to fix within a year some of the security shortfalls detailed in the inspector general's report, CIO Nitin Pradhan says.
It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.