FISMA fosters fixes on IT security front

The Federal Information Security Management Act, passed in 2002, is now the propelling force behind the government’s efforts to improve IT security.

Rank-and-file federal IT managers in a GCN telephone survey were unquestionably feeling the impact of FISMA.

“Our biggest challenge in the next 12 to 24 months is completing FISMA requirements,” said a Social Security Administration IT specialist in Baltimore.

In the survey, 92 percent of managers reported that their agencies are making progress on accreditation and certification, as well as other mandates.

For instance, 91 percent said their agencies had done a full inventory of IT assets, as required by FISMA.

Another 94 percent reported that their agencies had senior information security officers, another FISMA stipulation.

Managers we talked with expressed a variety of concerns about IT security, most naming viruses, worms and hackers as major threats.

“We need to stay on top of malicious codes,” said a computer specialist at the Defense Information Systems Agency in Falls Church, Va.

Viruses and worms

“Software inventors are a threat because viruses and worms can cost us a lot of money, data and recovery time,” said an information systems analyst at the General Accounting Office in Washington.

“Hackers are our biggest security concern,” added an Interior Department IT manager in Salt Lake City.

Managers also identified other sources of security worries, including user carelessness and malevolence.

“Uninformed users keep me up at night,” said a Census Bureau IT specialist in White Plains, Md.

“Unauthorized users gaining access to unattended workstations remain a threat,” said a Postal Service information systems technician in Shreveport, La.

For some, proper training offers the best bet to avert such perils. “We need to find time to educate our people about security,” said a Bankruptcy Court systems manager in Des Moines, Iowa.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.