This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
  • InfoCenters
    • Building AppSec in Enterprises
    • Video Management Systems
  • Contact
    • Editorial Guidelines
  • Advertise
Home » Federal Agencies Lagging on FISMA Compliance
Cyber Security NewsSecurity Newswire

Federal Agencies Lagging on FISMA Compliance

Generic Image for Cyber Security
March 16, 2012
KEYWORDS cyber security / Federal agencies / FISMA / security compliance
Reprints
No Comments

Federal agencies are having a difficult time meeting the cybersecurity requirements of the Federal Information Security Management Act (FISMA), according to a recently released Office of Management and Budget (OMB) report. 

According to an article from Information Week, half of the 24 agencies reviewed slipped past their compliance rating from last year. Only seven agencies achieved more than 90 percent compliance. 

Inspector generals were asked to assess IT security programs in 11 areas, including risk management, configuration management, security training, contingency planning and identity and access management, the article says. 

The National Science Foundation topped the list with 98.8 percent compliance, which is still a slight slip from last year's 98.9 percent, the article reports. Other high-achieving organizations include the Social Security Administration, the Environmental Protection Agency, the Nuclear Regulatory Commission, the Department of Homeland Security, NASA and the Department of Justice, all of which scored above 90 percent. 

Eight agencies achieved 66 percent or higher compliance, but nine scored at a 65 percent or less. The Department of Transportation (44.2 percent), the Department of Interior (44.2 percent) and the Department of Agriculture (32.5 percent) were all at the bottom of the list. The Department of Defense was not even included in the OMB report because it did not provide enough detail for FISMA compliance scoring, according to the article. 

Despite the low scores, more than 75 percent of the agencies can now provide automated data feeds through Cyberscope, an online compliance tool. According to the article, only 17 percent could use it in 2010. The DHS plans to analyze the Cyberscope data to help mitigate risks across agencies.

Three priorities have also been identified in the report: trusted Internet connections, continuous monitoring and HSPD-12, which requires agencies to upgrade their physical and logical access control infrastructure to require HSPD-12 PIV credentials to access IT systems and facilities, the article says. 

Agencies are already making progress against these priorities, as 89 percent of employees and contractors requiring PIV credentials have received them. Sixty-six percent of government user accounts are also configured to require PIV cards to authenticate to agencies' networks, an increase from fiscal year 2010's 55 percent, according to Information Week.

Subscribe to Security Magazine

Related Articles

Federal Agencies Increasing Their Focus on Insider Threats

FBI, Federal Agencies Brief Energy Sector on Data Breaches, Cyberattacks

Federal Agencies Faced 31,107 Cybersecurity Incidents in 2018

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

cybersecurity breach

The Top 12 Data Breaches of 2019

ransomware-enews

British American Tobacco Suffers Data Breach and Ransomware Attack

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

Major Retailer Macy's Is Hacked

server room, cybersecurity, penetration testing,

Explained: Firewalls, Vulnerability Scans and Penetration Tests

SEC1219-Cover-Feat-slide1_900px

Contracted vs. In-House Guarding: No Universal Right Answer

SEC2019_Everbridge_1119_360x184customcontent

Events

December 17, 2019

Conducting a Workplace Violence Threat Analysis and Developing a Response Plan

There are few situations a security professional will face that is more serious than a potential workplace violence threat. Every security professional knows and understands that all employers have a legal, ethical and moral duty to take reasonable steps to prevent and respond to threats of violence in their workplace.
January 23, 2020

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.
View All Submit An Event

Poll

Emergency Communications

What does your enterprise use to communicate emergencies to company employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
SEC500_250x180 clear

Security Magazine

SEC-December-2019-Cover_144px

2019 December

This month, Security magazine brings you the 2019 Guarding Report, featuring David Komendat, Boeing CSO, and many other public safety leaders to discuss threats and solutions for 2020 and security officer training. Also, we highlight Hector Rodriguez, Director of Public Safety and Security at Marymount California University, CCPA regulations, NIST standards, VMS and much more.

View More Create Account
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing