FISMA is the Federal Information Security Management Act. It is a high-level law that mandates a level of cybersecurity for all federal agencies and federal contractors. It was enacted by Congress in 2002 and updated in 2014.
While FISMA delegates cybersecurity responsibility to the various federal departments and agencies, it also centralizes a significant amount of cybersecurity functions (including mandates) to the Department of Homeland Security (DHS) and leaves the nitty-gritty standards and guidelines to the National Institute of Standards and Technology (NIST) to hammer out.
In this cyber environment, it is important to have a robust Information Security Management System (ISMS), but how do you know if you have a strong ISMS?
Well it's as simple as filling out a questionnaire!
Overview of the Federal Trade Commission in regards to cybersecurity:
“HiTRUST: Burdensome, But Worth It if You Have the Resources”
For the past few months the challenges facing the country’s medical infrastructure has been all over the news. Mostly these issues have focused on medical supplies and capacity, but as with any organization the IT needs of these medical facilities are also of the utmost criticality.
Digital Edge has just successfully completed its annual AWS Partner Network compliance requirement. Being an AWS Partner provides Digital Edge with numerous resources and benefits that we can pass on to our customers. Also, our CEO has also just announced that Digital Edge will be upgrading our status with AWS over the next year!
Lately, and for good reason, the top thing on people’s minds has been the COVID-19 Coronavirus. Any change from normal operations will inherently be less secure, because often the processes are unfamiliar and have not been ironed out to the extent that a company’s normal operations have been. In a situation like we are facing now, with widespread teleworking, a company’s prime security concern should be the correct implementation of a strong teleworking policy.
Keith Barry explains the importance of being a risk driven IT organization and breaks down the 7 steps of how to successfully become one. Based off of the full article online: https://knowledge.digitaledge.net/compliance/risk-driven-information-technology-organization/
“Don’t Forget About Negligence – It Hasn’t Forgotten you”