Time for a Big-Time FISMA Rewrite
Just for the sake of discussion…
I am thinking that the 2002 Federal Information Security Act may need to be updated in a big way.
With all the security initiatives now out there and the growing awareness of how vulnerable everyone is to attacks, I am not convinced that compliance by federal government departments with the current expectations under FISMA will result in the security posture we all desire.
Here’s the rub as I see it. Technology architectures, solutions and ownership seem to have outstripped the policy and procedural boundaries to which we have been accustomed. Examples:
NEXT STORY: E-Health Needs Better Design