FISMA fosters fixes on IT security front

The Federal Information Security Management Act, passed in 2002, is now the propelling force behind the government’s efforts to improve IT security.

Rank-and-file federal IT managers in a GCN telephone survey were unquestionably feeling the impact of FISMA.

“Our biggest challenge in the next 12 to 24 months is completing FISMA requirements,” said a Social Security Administration IT specialist in Baltimore.

In the survey, 92 percent of managers reported that their agencies are making progress on accreditation and certification, as well as other mandates.

For instance, 91 percent said their agencies had done a full inventory of IT assets, as required by FISMA.

Another 94 percent reported that their agencies had senior information security officers, another FISMA stipulation.

Managers we talked with expressed a variety of concerns about IT security, most naming viruses, worms and hackers as major threats.

“We need to stay on top of malicious codes,” said a computer specialist at the Defense Information Systems Agency in Falls Church, Va.

Viruses and worms

“Software inventors are a threat because viruses and worms can cost us a lot of money, data and recovery time,” said an information systems analyst at the General Accounting Office in Washington.

“Hackers are our biggest security concern,” added an Interior Department IT manager in Salt Lake City.

Managers also identified other sources of security worries, including user carelessness and malevolence.

“Uninformed users keep me up at night,” said a Census Bureau IT specialist in White Plains, Md.

“Unauthorized users gaining access to unattended workstations remain a threat,” said a Postal Service information systems technician in Shreveport, La.

For some, proper training offers the best bet to avert such perils. “We need to find time to educate our people about security,” said a Bankruptcy Court systems manager in Des Moines, Iowa.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.