The Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency develop cybersecurity metrics – known as Federal Information Security Modernization Act (FISMA) metrics – to be used in the oversight of agencies’ information security policies and practices.

These metrics set forth a maturity baseline for cybersecurity to enable more informed, risk-based decisions and to achieve observable security outcomes. The cybersecurity scores below, derived from those FISMA metrics, represent the Federal Government’s progress in attaining EO 14028 milestones and implementing key cybersecurity measures.

The scores below are derived from FISMA metrics and aligned to the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (Identify, Protect, Detect, Respond, and Recover).

Cimcor Comments & Observations:

Respond and Recover categories are very mature verticals with technologies like SIEMs, back-ups, disaster recovery, and others to meet the objectives defined by NIST. Protect, as well, has had significant focus (Read more...)