GAO weighs in on need for consistent data classification

In the wake of the recent release of the Report and Recommendations of the Presidential Task Force on Controlled Unclassified Information, the Government Accountability Office on December 15 released a report on Managing Sensitive Information that…

The need to encrypt wireless data is a lesson still being learned

The Wall Street Journal published an article on December 17 reporting that the U.S. military has discovered that wireless video feeds from unmanned Predator drones operating in Iraq are often intercepted by enemy insurgents. The ability…

Revised SP800-37 not ideal, but an improvement

NIST has released for public comment a revision to its Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems.” This document was formerly the “Guide for the Security Certification and Accreditation…

Widespread security problems self-reported at Interior

In a sharp departure from the more typical agency-level FISMA self-assessments, the internal FISMA audit by the Inspector General of the Department of the Interior reveals serious systemic problems in DOI’s security management, with blame focused…

Security issues at NASA highlight challenges in control effectiveness

A report released this month by GAO on what it views as deficiencies in the information security program and security control effectiveness at the National Aeronautics and Space Administration (NASA) serves to highlight once again the…

Government security looks to address outcomes

In an development that should come as a welcome surprise to security watchers critical of U.S. federal information security efforts as too focused on compliance (at the expense of effectiveness), the Federal CIO Council announced last…

Latest loss of veteran data teaches more than one lesson

News this week that the personal records of as many as 70 million U.S. veterans were contained on a faulty hard drive sent by the National Archives and Records Administration (NARA) will once again serve to…