Using FISMA To Build Your Security Initiative

  /     /     /  
Publicated : 22/11/2024   Category : security

Using FISMA To Build Your Security Initiative


Government compliance standards can help drive improvements in enterprise security


[The following is excerpted from FISMA Lifts All Compliance Boats, a new report published this week in Dark Readings
Compliance Tech Center
.]
FISMA, or the Federal Information Security Management Act, is both easier and more difficult to comply with than many other security mandates because of its level of exacting specificity.
FISMA, a U.S. federal law enacted in 2002, mandates a baseline of computer and network security within the federal government and affiliated parties. The National Institute of Standards and Technology (NIST) has developed the standards and guidelines agencies must follow to implement FISMA. The core tenets of FISMA are included in a few documents put forward by NIST.
NIST breaks down each of the 17 core security control classes into a neatly organized spreadsheet that contains many subcontrols. For example, Account Management is just one of the 22 subcontrols in the Access Control class.
While FISMA goes into very granular detail about what is required for compliance, there are some broader categories of tools, technologies, and strategies that security professionals should be considering when evaluating their FISMA compliance and/or readiness for compliance. Vulnerability scanning, perimeter defense, guest access, malware defense, and log management are just some of the functions outlined by the compliance requirements.
To find out more about FISMAs requirements -- and how they might match up with your goals and directions in enterprise security --
download the full report on FISMA and security
.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Using FISMA To Build Your Security Initiative