Feds Unlikely To Meet Cybersecurity Compliance Deadline

  /     /     /  
Publicated : 22/11/2024   Category : security


Feds Unlikely To Meet Cybersecurity Compliance Deadline


A Nov. 15 date for federal cybersecurity managers to start using the new CyberScope online reporting tool will be missed by many, as 85% have yet to use the new software.



While the White Houses Office of Management and Budget has set a deadline of November 15 for federal agencies to begin submitting their cybersecurity compliance reports via a new application called CyberScope, rather than with voluminous stacks of paper, 85% of federal cybersecurity managers have yet to use the new software, according to a recent survey.
CyberScope is an automated, interactive reporting portal to support the compliance reporting requirements of the Federal Information Security Management Act. FISMA reporting has long been seen as too arduous and too far removed from operational cybersecurity metrics, but with CyberScope, the government hopes to move toward real-time or continuous monitoring of compliance.
However, a survey by MeriTalk on behalf of several cybersecurity and IT vendors, including ArcSight, Brocade, Guidance Software, McAfee, Netezza, and ImmixGroup, suggests that many federal agencies and IT leaders are not ready for the shift.
In all, only 15% of the high-ranking government IT officials who were surveyed as part of the study in July said they had used CyberScope. While those who had used the tool rated it with an A or B grade, the rest largely say they dont understand CyberScopes goals and submission requirements.
These findings come despite the fact that CyberScope was introduced in October 2009, that the Department of Homeland Security has been offering CyberScope training, and that top officials like federal CIO Vivek Kundra have repeatedly discussed CyberScopes value in addressing concerns about FISMA.
November is right around the corner and Feds should realize the value in embracing this new FISMA reporting tool, Tom Conway, director of federal business development at McAfee, said in a statement. We are working diligently with our federal customers to help leverage their current large investments in security solutions to meet this new compliance mandate.
Of the 85% of survey respondents who hadnt used the tool, 90% dont have a clear understanding of submission requirements, 72% dont clearly understand CyberScopes mission and goals, 69% arent sure the new approach will result in more secure systems, and 55% believe FISMA reporting costs will actually increase due to CyberScope.
Earlier this year, Sen. Tom Carper, D-Del., estimated that FISMAs certification and accreditation process costs the government $1.3 billion annually, with auditing adding another $1 billion. Overall, since 2002, Carper said, the feds have spent more than $40 million on FISMA implementation.
Eventually, the administration wants federal agencies to be able to automatically feed information into the CyberScope tool without the need for manual data entry, but for now, many agencies will save their compliance information via a spreadsheet template and then upload it to CyberScope.

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Feds Unlikely To Meet Cybersecurity Compliance Deadline