Resources for Federal Information Security Management Act (FISMA)

Happy Birthday FISMA

www.gcn.com

The Federal Information Security Management Act is five years old. For five years, agencies have been struggling under unfunded mandates for regulatory compliance, a drumbeat of bad publicity from annual congressional report cards, a constant ping of hostile probes of IT systems and the occasional self-inflicted black eye. Is government’s IT security any better today than it was in 2002?

It is hard to say with certainty because assessing security is like trying to prove a negative. If security is done right, the outcome is nothing. This makes it difficult to identify success and easy to pinpoint every slip. This is further complicated by the fact that there is no such thing as “government IT security.” There are several dozen executive branch departments and agencies covered underFISMA, many with dozens more subdivisions, each with its unique networks, systems, missions and challenges.

View the Resource

Share or bookmarklet this web page at: