The Bush administration doesn't support legislation introduced late last year that would modify the Federal Information Security Management Act, an administration official testified today.
The bill, sponsored by Reps. William Clay (D-Mo.), Henry Waxman (D-Calif.) and Edolphus Towns (D-N.Y.), would require agencies to develop policies and plans to identify and protect personal information and to develop requirements for reporting data breaches.
Karen Evans, the Office of Management and Budget’s administrator for e-government and information technology, told House members that activities agencies are currently undertaking are closing the performance gaps and that the legislation could cause agencies some unplanned problems.
“We want to make sure the changes are improving security,” Evans said after a hearing before the House Oversight and Government Reform Subcommittee on Information Policy, Census and the National Archives and the Subcommittee on Government Management, Organization and Procurement. “We have the same goals, but need to work out the details.”
Evans testified that the foundation of FISMA is sound, and the bill could produce some “unintended consequences” that would “seriously impact established agency security and privacy practices while not necessarily achieving the outcomes of improved privacy and security.”
The measure follows OMB’s 06-16 memo from June 2006 that requires agencies to encrypt personal data using standards that would make the information unusable by unauthorized persons. The legislation also would mandate that agencies establish “minimum requirements regarding the protection of information maintained or transmitted by mobile digital devices.”
The bill also would require agencies to report data breaches in a timely manner to OMB and the Homeland Security Department’s U.S. Computer Emergency Response Center, and it addresses security for peer-to-peer networks.
Clay said at the hearing that although some real progress has been made under FISMA, he is concerned whether the current requirements and OMB policies are enough to protect agencies from the onslaught of attacks.