MeriTalk: Federal CISO DeRusha Maps FISMA Reform Priorities

“Federal Chief Information Security Officer (CISO) Chris DeRusha today offered an expansive set of ideas for how Congress may undertake reform of the Federal Information Security Modernization Act (FISMA) of 2014 to bring the existing law up to speed with the fast-moving security improvement work underway throughout the Federal government following the release of President Biden’s cybersecurity executive order in May…”

“DeRusha made no hard-and-fast recommendations for reform but talked about two areas he’d like to see Congress focus on.

The first of those, he said, involves testing and validating security arrangements, rather than relying on “self-attestation” by agencies. That would involve agencies moving ‘in a path toward more rigorous application of security testing’ through red and blue-team exercises and penetration testing, and building out vulnerability disclosure programs, he said…”

“The second area he suggested was increasing security automation.

‘This is a continual push that we’ve been on a path for over a decade of using continuous monitoring tools, and using that standardized data to improve awareness, reduce costs,’ and boost the quality of security reporting, he said…” Read the full article here.

Source: Federal CISO DeRusha Maps FISMA Reform Priorities – By John Curran, July 21, 2021. MeriTalk.

This topic contains 0 replies, has 1 voice, and was last updated by Jackie Gilbert 4 days, 15 hours ago.
