The sponsor of Senate-approved FISMA reform, Tom Carper, says it's not a done deal because the House has a dispute over which committee - Homeland Security or Oversight and Governmental Reform - has jurisdiction over the legislation.
Put together, two IRS audits illustrate a major concern many security pros have about FISMA audits: They're checklists of whether organizations comply with regulations that require specific processes but do not determine if the processes are effective.
Organizations in all business sectors should take a series of steps to guard against "visual hacking," a low-tech method used to capture sensitive, confidential and private information for unauthorized use.
Recalling an up to 10-day delay in Homeland Security helping other agencies cope with the Heartbleed vulnerability, DHS's Phyllis Schneck champions FISMA reform legislation that would codify the department's role as guardian of civilian agency IT.
A Twitter chat featuring Gartner's Avivah Litan offered a lively discussion of numerous fraud-related issues, including card breaches, weak authentication and the need for mobile scrutiny. We'll host more chats soon.
A Senate committee has approved legislation to reform the 12-year-old law that governs federal information security, plus two other cybersecurity-related bills. The full Senate will now consider the measures.
Legislation before the House to excise from federal law the requirement that NIST work with the NSA on cybersecurity standards wouldn't likely stop the two federal agencies from continuing to collaborate.
As the number of cybersecurity incidents increase, departments and agencies are doing a better job of complying with the law that governs IT security in the U.S. federal government, a new report to Congress from the White House says.
Using technology to devalue card data, and leveraging data analytics, are essential to efforts to crack down on fraud, Visa's Ellen Richey said in her keynote presentation at the San Francisco Fraud Summit.
The investigation of the disappearance of Malaysian Flight 370 is raising issues that are very similar to those considered in cybersecurity cases, ranging from the insider threat to deleting data from a computer.
Days before the release of the Obama administration's cybersecurity framework, Senate Republicans issued a report detailing vulnerabilities in federal IT, suggesting the White House get its own house in order.