The Office of Management and Budget and other federal agencies are falling short on meeting the most critical provision of the Federal Information Security Management Act, a security expert and Hill staff member said. Bob Dix, staff director for the House Government Reform Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census, said OMB has not adequately provided guidance that requires agencies to have minimum security configuration controls for employees’ PCs and notebooks—a key provision in FISMA. Rep. Adam Putnam (R-Fla.), chairman of the subcommittee, by early June will send a letter to OMB administrator for IT and e-government Karen Evans asking her office to place a greater emphasis on this issue to agency CIOs and chief security officers. “This should be a part of the business case reviews so agencies do not purchase systems that don’t have security baked in,” Dix said yesterday at a discussion on FISMA in Washington sponsored by the Center for Democracy and Technology, a Washington nonprofit. “We’ve had discussion with OMB and they agree it needs to be highlighted.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.