Archive - Balancing Security and Compliance

"The need to simultaneously achieve regulatory compliance and enhanced security is here to stay. Executives who are increasingly able to identify an acceptable balance between the two will define the next generation of information security leadership." Bruce Klein, Vice President, U.S. Federal Sales, Cisco

Devoting time to audit requirements and scoring methodologies while trying to keep ahead of threats in today's environment is a huge challenge for federal security executives. Cisco Federal Security Thought Leadership provides news, intelligence, and opinions to assist you in establishing an acceptable balance between achieving security and meeting the compliance demands of regulations such as the Federal Information Security Management Act (FISMA).

Subscribe to e-mail updates from the Cisco Federal Security Thought Leadership Program.

Information Assurance Revolution

Transitioning from DITSCAP to DIACAP will provide CIOs an enterprise view of DoD systems and a better method for meeting FISMA requirements. But will this new process achieve greater systems security for DoD?

> Find Out

Federal IT Security Mandates: Help or Hindrance?

CIOs interviewed in annual survey question whether the burdens of compliance outweigh the return on their IT investments.
> Read More

Grading On a Curve

David Raikow of GovernmentVAR reports that security assessments are complex and tricky -- and trying to boil them down to widely applicable standards, benchmarks, and certifications is even trickier.
> Add Your Comment

FISMA: Paperwork Or Actual Security

Of the many blogs discussing federal security compliance, few can compare -- statistically speaking -- to the content presented by this blogger.
> See the Stats

Federal Security Leaders Speak Out on Top Issues

In this radio interview, Ron Ross, FISMA Implementation Project Leader, National Institute for Standards and Technology, says that while attacks on government systems persist, defenses are improving by the day.
> Listen

Latest in Cybersecurity Awareness

FISMA's cybersecurity awareness training requirements are prompting agencies to develop new tools such as the Department of Defense's CyberCIEGE, a highly interactive commercial-quality video game.
> Read More (PDF - 3.69 MB)

Featured Content

Data Security: Preparing for the Age of the Zettabyte

In dealing with the explosion of the digital universe, organizations need to spearhead the development of organization-wide policies for information governance: information security, information retention, data access, and compliance.

> Read the Reports

How to Prepare for a FISMA Audit

So what lessons have been learned in six years of FISMA Audits that are critical to business CIOs and CISOs? Evaluate publicly available data on FISMA assessments.

> Evaluate

ISO, ITIL and COBIT Triple Play Fosters Optimal Security

One industry analyst group examines how the profile of an organization that uses multiple IT frameworks differs from that of an organization that implements just one set of process controls, or none at all.

> Learn More

2008 GAO Report to Congress

This GAO testimony summarizes agency progress, effectiveness, and opportunities to strengthen federal security.

> Read Full Report (PDF - 417 KB)