FISMA
Integrating the Risk Management Framework (RMF) with DevOps
Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) ...
6 Common Compliance Conundrums to Know About
Cyber security assessment initiatives and frameworks abound in the US government, the most important being the Federal Information Systems Management Act (FISMA), passed in 2002. The law’s broad scope included a mandate ...
How to Pick the Right Solution for FISMA SI-7 Compliance
It can be hard to know how to best allocate your federal agency’s resources and talent to meet FISMA compliance, and a big part of that challenge is feeling confident that you’re ...
DoD RMF Part 1: How We Got to the RMF
Over the next few weeks, I plan to post about the RMF process. This will piggyback on and expand upon the article: My Experience with the DoD Version of the RMF ...
U.S. Federal IoT Policy: What You Need to Know
Over the past several months, increased attention has been paid to U.S. federal government policies surrounding internal use of IoT devices. In January 2018, researchers discovered they could track the movements of ...
March Updates on Frameworks & Standards
Last month I posted some information on several information security frameworks/standards being updated, and since then there have been updates on all of them. So here we go: NIST CSF v1.1. The second ...

