| Document Type
|
:
|
BL
|
| Record Number
|
:
|
855118
|
| Title & Author
|
:
|
Information security across federal agencies : : analysis of adequacy andeffectiveness /\ Shane Palmer, editor.
|
| Publication Statement
|
:
|
New York :: Novinka,, [2016]
|
| Series Statement
|
:
|
American Political, Economic, and Security Issues
|
| Page. NO
|
:
|
1 online resource.
|
| ISBN
|
:
|
1634849531
|
|
|
:
|
: 9781634849531
|
|
|
:
|
1634849485
|
|
|
:
|
9781634849487
|
| Notes
|
:
|
Includes index.
|
|
|
:
|
Minimal Level Cataloging Plus.
|
| Contents
|
:
|
INFORMATION SECURITY ACROSS FEDERAL AGENCIES ANALYSIS OF ADEQUACY AND EFFECTIVENESS ; INFORMATION SECURITY ACROSS FEDERAL AGENCIES ANALYSIS OF ADEQUACY AND EFFECTIVENESS ; CONTENTS ; PREFACE ; Chapter 1 FEDERAL INFORMATION SECURITY: AGENCIES NEED TO CORRECT WEAKNESSES AND FULLY IMPLEMENT SECURITY PROGRAMS* ; WHY GAO DID THIS STUDY ; WHAT GAO RECOMMENDS ; WHAT GAO FOUND ; ABBREVIATIONS ; BACKGROUND; New FISMA Requirements Clarify Roles and Responsibilities ; CONTINUED WEAKNESSES PLACE FEDERAL AGENCIES' INFORMATION AND INFORMATION SYSTEMS AT RISK
|
|
|
:
|
Agencies Reported Operating Fewer Systems and Relying More on Contractor-Operated SystemsMore Agencies Implemented Privacy Requirements ; Amount of Spending on Information Security Varied Among Agencies ; NIST Continues to Provide FISMA-Related Guidance to Agencies ; Inspectors General Report on Agency Implementation of FISMA ; OMB and DHS Continue Actions, but Opportunities Remain for Improving Annual Reporting of Agency Information Security Programs ; Guidance for Reporting Agency Evaluations Was Not always Complete ; CONCLUSION ; RECOMMENDATION FOR EXECUTIVE ACTION
|
|
|
:
|
Federal Efforts Are Underway to Improve Security Cybersecurity Cross-Agency Priority Goals ; The National Cybersecurity Protection System (NCPS) ; The Continuous Diagnostics and Mitigation (CDM) Program ; The National Initiative for Cybersecurity Education (NICE) ; The Federal Risk and Authorization Management Program (FedRAMP) ; The Cyber and National Security Team (E-Gov Cyber) ; The 30-Day Cybersecurity Sprint ; AGENCIES' IMPLEMENTATION OF FISMA 2002 REQUIREMENTS WAS MIXED ; More Agencies Implemented Risk Management Activities ; Most Agencies Had Documented Policies and Procedures
|
|
|
:
|
Number of Agencies with Sufficient Security Planning Decreased Number of Agencies Providing Sufficient Security Awareness Decreased and the Percentage of Personnel Receiving Specialized Training Decreased ; Fewer Agencies Are Periodically Testing and Continuously Monitoring Controls; Increasing Number of Agencies are Generally Implementing Elements of a Remediation Program, but Weaknesses Remain ; Agencies' Efforts to Implement Incident Response and Reporting Varied ; Fewer Agencies Had Adequate Contingency Plans
|
|
|
:
|
Number of Incidents Reported by Federal Agencies Continues to Increase Cybersecurity Deficiencies Continue to Place Systems at Risk ; Agencies Exhibited Weaknesses in All Major Categories of Controls; Most Agencies Had Weaknesses in Access Controls ; Agencies Did Not Fully Implement Controls for Configuration Management ; More Than Half of the Agencies Did Not Segregate Incompatible Duties ; Agencies Had Weaknesses in Continuity of Operations; Agencies Did Not Effectively Manage Security ; We and Inspectors General Recommended Actions to Strengthen Information Security
|
| Subject
|
:
|
Cyber intelligence (Computer security)-- United States.
|
| Subject
|
:
|
COMPUTERS-- Security-- General.
|
| Subject
|
:
|
Cyber intelligence (Computer security)
|
| Subject
|
:
|
United States.
|
| Dewey Classification
|
:
|
352.380973
|
| LC Classification
|
:
|
KF27.I546 2016
|
| Added Entry
|
:
|
Palmer, Shane
|