Home/ WPPS C-Suite News/ Group items tagged dhs

sandy ingram

Infosecurity (USA) - White House cybersecurity proposal shifts FISMA responsibility to DHS

  • This would in effect shift FISMA implementation responsibility away from the Office of Management and Budget (OMB) and the National Institute for Standards and Technology (NIST) to DHS, “where the knowledge of attacks informs the defense”, Paller said.
  • “DHS has already demonstrated that they are focusing on the critical controls....They are focusing on effectiveness measures, rather than make work”
  • The proposal would also expand the DHS authority over cybersecurity of private networks, particularly critical infrastructure. DHS would have the authority to develop and conduct risk assessments of private sector critical infrastructure systems and share information with the private sector about threats and best practices.
  • “This brings the same rationality to offense informing defense. Instead of telling people that they have to have a good security plan, what DHS’s role will be is to demonstrate what best practices are and make sure people are measuring against those best practices”, Paller said.
  • The White House proposal would also create a national data breach notification requirement standardizing various state laws
  • “The administration's proposal would protect individuals by requiring businesses to notify consumers if personal information is compromised, and clarifies penalties for computer crimes including mandatory minimums for critical infrastructure intrusions.
  • The proposal would improve critical infrastructure protection by bolstering public-private partnerships with improved authority for the federal government to provide voluntary assistance to companies and increase information sharing.
  • It also would protect federal government networks by formalizing management roles, improving recruitment of cybersecurity professionals, and safeguarding the nation's access to cost-effective data storage solutions.”
  • The White House proposal, which is a comprehensive cybersecurity plan, includes a provision directing the Department of Homeland Security (DHS) "to exercise primary responsibility within the executive branch for information security. This includes implementation of information security policies and directives and compliance" with FISMA, except for national security systems.
sandy ingram

DoD, DHS to align cybersecurity capabilities

  • The new partnership appears to be part of an effort to move past previous agency turf wars. Last March, for example, Rod Beckstrom resigned from his position as director of the DHS' National Cyber Security Center, citing insufficient funding and support. In his letter of resignation to Napolitano, Beckstrom said the DHS's cybersecurity efforts are "controlled" by the NSA. Meanwhile, it is not uncommon for government departments and agencies to enter into formal agreements to work together on certain issues and to “swap” employees to improve synchronization, Marcus Sachs, director of the SANS Internet Storm Center, told SCMagazineUS.com on Thursday. This agreement is particularly important because the DoD and DHS have a joint mission to protect the United States in cyberspace, he said.
  • The U.S. Department of Defense (DoD) and the Department of Homeland Security (DHS) announced plans Tuesday to streamline their cybersecurity capabilities to better protect the nation's networks. Late last month, Secretary of Homeland Security Janet Napolitano and Secretary of Defense Robert Gates signed an agreement that formalizes processes for the two agencies to work together to protect U.S. networks and critical infrastructure. The agreement outlines a framework whereby the agencies will provide cybersecurity support to one another, and was intended to improve collaboration as the two departments carry out their respective cybersecurity missions.
sandy ingram

Bill Gives DHS Lead on Fed IT Security Policy

  • The thinking behind shifting responsibility to DHS from OMB is that Homeland Security has the cybersecurity expertise whereas OMB's proficiency is budgeting. "Already, the Department of Homeland Security is the coordinating agency on cybersecurity," the staffer said. "Now, what you're doing is drastically strengthening the role of DHS by putting into law and then also, giving them the ability to say, with FISMA, approve or not to approve agencies' plans, controls, frameworks, the way they secure their systems."
  • The bill also continues the role of the National Institute of Standards and Technology as the key government agency to develop IT security guidance, but leaves to DHS the decision on which guidance has priority.
  • The responsibility to oversee information security among federal agencies would shift to DHS from the White House Office of Management and Budget under revisions of the measure, nicknamed U.S. ICE, that updates IT security guidance detailed in the seven-year-old Federal Information Security Management Act (FISMA), according to a senior cybersecurity staff member on the Senate Committee of Homeland Security and Government Affairs.
sandy ingram

Are you ready for a data breach? | Healthcare IT News

  • The handling of data breach incidents has become a way of life for healthcare providers and other HIPAA covered entities. With the passage of the HITECH Act last year, there are now substantial penalties that can be levied, up to $1.5 million. This fact, combined with a requirement to notify the Department of Health and Human Services as well as the media for data breach incidents that affect over 500 individuals has, for the first time, resulted in public records being kept for such incidents. If you oversee privacy, compliance, or IT for a hospital system, a group practice, a health insurance company, other covered entities, or even one of their business associates, the HITECH Act and its privacy and data breach provisions require your close attention. While many people know that HITECH generally creates requirements for data breach notification, there are at least four things you may not know about HITECH that you really should:
      • The requirement for a mandatory incident-specific risk assessment for every incident
      • The fact that HITECH notification provisions do not pre-empt state notification laws
      • Encryption of data does not necessarily alleviate the risk of data breach
      • If your business associate exposes your protected health information (PHI), you are responsible
sandy ingram

Obama hints at cybersecurity shake-up with review: NSA "James L. Jones, a former Marine...

  • "Our cybersecurity approach to date has not kept up with the threats we've seen."
  • James L. Jones, a former Marine Corps commandant who warned at a speech in Munich over the weekend that terrorists could use "cyber-technologies" to cause catastrophic damage.
sandy ingram

Hathaway: White House Must Lead in Cybersecurity

  • "The White House must lead the way forward with leadership that draws upon the strength, advice and ideas of the entire nation," said Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils.
  • "It can be said that the federal government is not organized appropriately to address this growing problem because responsibilities for cyberspace are distributed across a wide array of federal departments and agencies, many with overlapping authorities and none with sufficient decision authority to direct actions that can address the problem completely,
  • "The White House must lead the way forward with leadership that draws upon the strength, advice and ideas of the entire nation," Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils. Obama administration cybersecurity advisor