The US Federal Information Security Management Act (FISMA), passed in 2002, marked the launch of major cybersecurity efforts by the US federal government. This article is an update on FISMA as the ‘centerpiece’ of all US laws to improve cyberdefense. The ‘family’ of National Institute of Standards and Technology (NIST) Special Publications is a direct extension of FISMA and plays a big role in the security of US government information assets.
We are big fans of NIST Special Publications and use them extensively in our audits. The article also refers to recent US Government Accountability Office (GAO) reports on the huge increase in attacks on federal information systems in the last few years.
We recommend this article to anyone in the IT audit and security industry, whether they work in the government or in the private sector.
References:
ISACA Journal. "FISMA 2010: What It Means for IT Security Professionals," by Tarak Modi, CISA, CISSP, PMP. http://www.isaca.org/Journal/Past-Issues/2010/Volume-5/Pages/default.aspx
National Institute of Standards and Technology, Computer Security Division, Special Publications. http://csrc.nist.gov/publications/PubsSPs.html