FISMA fosters fixes on IT security front

The Federal Information Security Management Act, passed in 2002, is now the propelling force behind the government’s efforts to improve IT security.

Rank-and-file federal IT managers in a GCN telephone survey were unquestionably feeling the impact of FISMA.

“Our biggest challenge in the next 12 to 24 months is completing FISMA requirements,” said a Social Security Administration IT specialist in Baltimore.

In the survey, 92 percent of managers reported that their agencies are making progress on accreditation and certification, as well as other mandates.

For instance, 91 percent said their agencies had done a full inventory of IT assets, as required by FISMA.

Another 94 percent reported that their agencies had senior information security officers, another FISMA stipulation.

Managers we talked with expressed a variety of concerns about IT security, most naming viruses, worms and hackers as major threats.

“We need to stay on top of malicious codes,” said a computer specialist at the Defense Information Systems Agency in Falls Church, Va.

Viruses and worms

“Software inventors are a threat because viruses and worms can cost us a lot of money, data and recovery time,” said an information systems analyst at the General Accounting Office in Washington.

“Hackers are our biggest security concern,” added an Interior Department IT manager in Salt Lake City.

Managers also identified other sources of security worries, including user carelessness and malevolence.

“Uninformed users keep me up at night,” said a Census Bureau IT specialist in White Plains, Md.

“Unauthorized users gaining access to unattended workstations remain a threat,” said a Postal Service information systems technician in Shreveport, La.

For some, proper training offers the best bet to avert such perils. “We need to find time to educate our people about security,” said a Bankruptcy Court systems manager in Des Moines, Iowa.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.