- GDPR’s Data Protection Impact Assessment and its Implications for OrganizationsJanuary 31, 2018
- Strategies to Combat the Rise of Advanced Persistent Threats (APTs)January 31, 2018
- Shielding the Organization in the Fight Against MalwareJanuary 31, 2018
- Minimizing Threats and Vulnerabilities on Mobile PlatformsJanuary 31, 2018
- Managing Vulnerabilities and Risks in the Healthcare SectorJanuary 31, 2018
Today’s complex information systems and networks are enormously beneficial for most users,but they do come with certain inherent risks. That’s why proper information security is so vital to a federal agency’s ability to fend off cyber criminals and protect sensitive national security information.
Federal agencies are an alluring target for hackers because these agencies transmit, process, and store vital, strategic, and confidential information that could be used for personal gain or to harm national interests. As a result of these threats, the Federal Information Security Management Act (FISMA) was created in 2002 to govern the management of information security among federal agencies. The Act requires federal agencies to secure government information and assets against natural and man-made threats.
Specific FISMA requirements are detailed in NIST Special Publication 800-37 (or NIST SP 800-37), NIST SP 800-53, and the Federal Information Processing Standards (FIPS) publications 199 and 200.
It is critical that agencies conduct a FISMA assessment to determine the risks to federal information systems and become compliant with this regulation.
How Wilson Consulting Group will help you
Wilson Consulting Group (WCG) provides knowledgeable and experienced consultants to assist federal agencies to improve their security posture and become compliant with FISMA. Our FISMA assessment service helps federal agencies to:
- Categorize the information to be protected
- Select minimum baseline controls
- Refine controls using a risk assessment procedure
- Document the controls in the system security plan
- Implement security controls in appropriate information systems
- Assess the effectiveness of the security controls once they have been implemented
- Determine agency-level risks to the mission or business case
- Monitor the security controls on a continuous basis