Category: FISMA

Chilling Database Security Horror Stories That Show How Scary Exploits Can Be

Posted October 26, 2012 by TeamSHATTER Admin in Attack Vectors, Data Breach, Database Security, FISMA with 0 comments

Database security may not be quite as sexy as a teenage party in a classic horror film. But when it’s done wrong, technology executives, CEOs, and customers alike would shiver at the consequences. Don’t think so? Then read just a few of the horror stories laid out by some of the grizzled penetration tester vets we quizzed here. Their exploits show how scary bad database security can really be. Click for complete article >>

Click for complete article >>

U.S. Environmental Protection Agency Scolded For Poor Security Practices

Posted August 24, 2012 by TeamSHATTER Admin in Data Breach, Database Security, FISMA, Government (Federal) with 0 comments
broken link

The U.S. Environmental Protection Agency (EPA) needs to clean up its security act, according to the investigative arm of Congress. In a report released this week, the federal Government Accountability Office (GAO) found that the department charged with protecting human health and the environment is falling short at protecting its systems from unauthorized access. Click for complete article >>

Click for complete article >>

Will Federal Legislation Encourage Cyber-Threat Information Sharing?

Department of Homeland Security

Ten Republicans and one Democrat have sponsored a House bill that’s aimed to protect the nation’s critical infrastructure, including the financial services systems, healthcare, electric grid and water facilities. Known as the the Precise Act, the Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act of 2011, or HR 3674, would require the Department of Homeland Security to conduct an evaluation of cybersecurity risks to critical infrastructure and determine the best mitigation methods. The legislation also would establish the National Information…

Click for complete article >>

NIST Publishes Guide for Monitoring Security in Information Systems

Posted October 17, 2011 by TeamSHATTER Admin in Compliance, Database Security, FISMA, Government (Federal), NIST with 0 comments
Data Security Government Building

If your organization needs to follow the National Institute of Standards and Technology (NIST) data security framework, the institute just released a new computer security publication. The publication is intended to help organizations understand their security posture against threats and vulnerabilities and determine how effectively their security controls are working.

In terms of database security, NIST clearly spells out some essential steps to making data more secure. These steps revolve mostly around managing database assets, monitoring for breaches and creating effective policies. Read below for more details.

Click for complete article >>

GAO: Federal Network Security Breaches Spike 650 Percent

Posted October 4, 2011 by TeamSHATTER Admin in Data Breach, Database Security, FISMA, Government (Federal), Survey / Research, User Rights with 0 comments
federal cyber security

Reports of network security incidents at federal agencies have soared 650 percent during the past half-decade, jeopardizing the confidentiality and integrity of sensitive government information, federal auditors charged in a congressionally mandated report. The most prevalent types of cyber events included infections from malicious code — 30 percent of incidents; violations of acceptable use policies; and intrusions into networks, applications and other data resources, states a Government Accountability Office report released on Monday. GAO auditors are required by law to…

Click for complete article >>

FISMA Compliance To Require Monthly Reports

Posted September 22, 2011 by TeamSHATTER Admin in Database Security, FISMA, Government (Federal) with 0 comments
office of management and budget FISMA

Federal agencies soon will be required to report on their information security health on a monthly basis, instead of annually, according to a memo from the federal Office of Management and Budget. As part of their compliance with the Federal Information Security Management Act (FISMA), agencies must, beginning next month, submit data from their automated security management tools into CyberScope, an application that went online in 2009, and is used to securely and efficiently report security-related information and provide analysis….

Click for complete article >>

Reports: DHS, IRS Databases At Risk

DHS IRS Database Security

Some of the federal government’s most critical agencies are falling down on database security with misconfigurations, vulnerabilities, and a lack of best practices, putting sensitive citizen and defense information at risk as a result, new government audits show. Just this week, the Office of the Inspector General (IG) found that the Department of Homeland Security (DHS) — the agency in charge of ensuring Federal Information Security Management Act (FISMA) compliance among all government agencies — itself has a number of…

Click for complete article >>

Officials Condemn WikiLeaks, Discuss Preventative Measures

Posted November 30, 2010 by TeamSHATTER Admin in Data Breach, Database Security, DISA-STIG, FISMA, Government (Federal), User Rights with 0 comments

Government officials condemned the publication of hundreds of thousands of sensitive, classified State Department cables by WikiLeaks this week. The website published the documents that detail private U.S. diplomatic discussions with foreign governments. The cables are candid reports by diplomats and, seen by themselves, can give an incomplete picture of the relationship between the United States and the foreign governments, White House officials said “To be clear, such disclosures put at risk our diplomats, intelligence professionals, and people around the…

Click for complete article >>
Powered by