The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
Both candidates have made fleeting references to cybersecurity during the presidential campaign, but neither has addressed the matter in detail. How different would a President Romney be from a second-term President Obama?
The great thing about fraud examination is that you can really play to your own strengths when choosing a career. The following six job roles are just a few of the career paths a fraud examiner might take.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
White House Cybersecurity Coordinator Howard Schmidt, in an exclusive interview, expresses optimism that Congress could enact significant cybersecurity legislation this year even if President Obama doesn't get all that he wants in an IT security bill.
Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.
In recent years, the government has taken steps to improve federal IT infrastructure. While the 9/11 terrorist attacks were certainly a wake-up call, legislation and reform was always inevitable, says Mark Forman, former federal CIO.
Security incidents reported over the past five years have placed the confidentiality, integrity and availability of sensitive government information and information systems at risk, an annual GAO review reveals.
The shift to monthly reports of key metrics through CyberScope from annual FISMA filings allows security practitioners to make decisions using more information and more quickly than ever before, OMB Director Jacob Lew says.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The soon-to-be issued FY 2011 Chief Information Officer FISMA Reporting Metrics from the Department of Homeland Security will require agencies to report on their progress in automating the continuous measurement of the most critical security risks.