The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for FISMA

By

NIST issues updated cybersecurity companion guide

The National Institute of Standards and Technology (NIST) has issued its 5th catalog of security and privacy controls for information systems.
Click on image above to download publication.

The purpose of NIST’s publication is to protect organizational operations from a diverse set of threats and risks.

The catalog addresses security and privacy from a functionality perspective (i.e., the strength of functions and mechanisms provided by the controls) and from an assurance perspective (i.e., the measure of confidence in the security or privacy capability provided by the controls).  Addressing functionality and assurance helps to ensure that information technology products and the systems that rely on those products are sufficiently trustworthy.

The use of these controls is mandatory for federal information systems in accordance with Office of Management and Budget (OMB) Circular A-130 and the provisions of the Federal Information Security Modernization Act (FISMA), which requires the implementation of minimum controls to protect federal information and information systems.

The latest publication and supplemental materials can be downloaded from: https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final.

By

Creating space for innovation

“Innovation” is an overused buzzword that obscures the messy reality of making change happen.

True innovation requires the right people, the proper mix of technologies and a critical grasp of customers’ needs and expectations. For agencies, the many layers of federal governance and regulation add another degree of difficulty.

FCW recently gathered a group of IT leaders from across government to talk about the obstacles they’re encountering and how they’ve addressed them. The discussion was on the record but not for individual attribution, and the quotes have been edited for length and clarity. Here’s what the group had to say.

Procurement is no longer the obstacle — security is

The Federal Acquisition Regulation’s restrictions, both real and perceived, have long been a friction point for digital reinvention efforts, but most participants said the contracting process is not holding them back.

“It used to be the in-vogue complaint was, ‘Oh, it’s all procurement’s fault,'” one executive said. “But actually, procurement has gotten much better. What our agency is grappling with is the IT monstrosity that came out of” the Federal Information Security Management Act.

“FISMA came out because we were doing these things wrong in government,” he acknowledged. “But now we’ve created this very burdensome process that is not well-aligned to where cloud architecture is going,” and agencies must find new ways to navigate that process. “Obviously, we can’t bend security principles, [but without a new architecture,] you’re waiting two years to deploy. That’s not innovation. That’s not acceptable in this day and age.”

Keep reading this article at: https://fcw.com/articles/2019/02/21/fcw-perspectives-innovation.aspx

By

Proposed FAR change extends cybersecurity requirements to contractors

The Defense Department, General Services Administration and NASA are proposing a change to the Federal Acquisition Regulation that would require contractors to secure computer systems that contain government information.

If approved, the change would extend the requirements of the Federal Information Security Management Act of 2002, or FISMA, to “contractor information systems that contain or process information provided by or generated for the Government,” according to an Aug. 24 notice posted in the Federal Register.

Keep reading this article at: http://www.fiercegovernmentit.com/story/proposed-far-change-extends-cybersecurity-requirements-contractors/2012-08-29?utm_medium=nl&utm_source=internal.

 

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter