Archive - Balancing Security and Compliance
"The need to simultaneously achieve regulatory compliance and enhanced security is here to stay. Executives who are increasingly able to identify an acceptable balance between the two will define the next generation of information security leadership." Bruce Klein, Vice President, U.S. Federal Sales, Cisco
Devoting time to audit requirements and scoring methodologies while trying to keep ahead of threats in today's environment is a huge challenge for federal security executives. Cisco Federal Security Thought Leadership provides news, intelligence, and opinions to assist you in establishing an acceptable balance between achieving security and meeting the compliance demands of regulations such as the Federal Information Security Management Act (FISMA).
Information Assurance Revolution
Transitioning from DITSCAP to DIACAP will provide CIOs an enterprise view of DoD systems and a better method for meeting FISMA requirements. But will this new process achieve greater systems security for DoD?
Federal IT Security Mandates: Help or Hindrance?
Grading On a Curve
David Raikow of GovernmentVAR reports that security assessments are complex and tricky -- and trying to boil them down to widely applicable standards, benchmarks, and certifications is even trickier.
FISMA: Paperwork Or Actual Security
Federal Security Leaders Speak Out on Top Issues
In this radio interview, Ron Ross, FISMA Implementation Project Leader, National Institute of Standards and Technology, says that while attacks on government systems persist, defenses are improving by the day.
Latest in Cybersecurity Awareness
FISMA's cybersecurity awareness training requirements are prompting agencies to develop new tools such as the Department of Defense's CyberCIEGE, a highly interactive commercial-quality video game.
Data Security: Preparing for the Age of the Zettabyte
In dealing with the explosion of the digital universe, organizations need to spearhead the development of organization-wide policies for information governance: information security, information retention, data access, and compliance.
How to Prepare for a FISMA Audit
So what lessons have been learned in six years of FISMA Audits that are critical to business CIOs and CISOs? Evaluate publicly available data on FISMA assessments.
ISO, ITIL and COBIT Triple Play Fosters Optimal Security
One industry analyst group examines how the profile of an organization that uses multiple IT frameworks differs from that of an organization that implements just one set of process controls, or none at all.
2008 GAO Report to Congress
This GAO testimony summarizes agency progress, effectiveness, and opportunities to strengthen federal security.