From: InfoSec News (alertsinfosecnews.org)
Date: Thu Sep 18 2008 - 03:40:32 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.fcw.com/online/news/153820-1.html

By Mary Mosquera
FCW.com
September 17, 2008

The Senate Homeland Security and Governmental Affairs Committee today
considered a bill that would raise the bar for agencies to prove that
they adequately protect sensitive information, and rejected an amendment
that would weaken the measure.

Under the provisions of the Federal Information Security Management Act
of 2008, S. 3474, agencies would implement security measures to fit the
risk and degree of harm that would result from the loss of an agency's
information, or from unauthorized access to that information.

The bill would provide for the Homeland Security Department to conduct
penetration testing of civilian agencies’ systems and for Congress to
evaluate agencies’ information security plans.

The legislation would also establish a Chief Information Security
Officers Council so agency CISOs could share best practices. The measure
also would enlarge the authority of agency CISOs to enforce compliance
in consultation and collaboration with the chief information officer.
Under current law, the CISO’s job is to assure compliance.

[...]

__________________________________________________
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!
http://conference.hackinthebox.org/hitbsecconf2008kl/

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]