Using FISMA To Build Your Security Initiative

Published: 22/11/2024   Category: security


Government compliance standards can help drive improvements in enterprise security



[The following is excerpted from "FISMA Lifts All Compliance Boats," a new report published this week in Dark Reading's Compliance Tech Center.]
FISMA, or the Federal Information Security Management Act, is both easier and more difficult to comply with than many other security mandates because of its level of exacting specificity.
FISMA, a U.S. federal law enacted in 2002, mandates a baseline of computer and network security within the federal government and affiliated parties. The National Institute of Standards and Technology (NIST) has developed the standards and guidelines agencies must follow to implement FISMA. The core tenets of FISMA are included in a few documents put forward by NIST.
NIST breaks down each of the 17 core security control classes into a neatly organized spreadsheet that contains many subcontrols. For example, Account Management is just one of the 22 subcontrols in the Access Control class.
While FISMA goes into very granular detail about what is required for compliance, there are some broader categories of tools, technologies, and strategies that security professionals should be considering when evaluating their FISMA compliance and/or readiness for compliance. Vulnerability scanning, perimeter defense, guest access, malware defense, and log management are just some of the functions outlined by the compliance requirements.
To find out more about FISMA's requirements -- and how they might match up with your goals and directions in enterprise security -- download the full report on FISMA and security.
