Network Security: Detailed info on Government Compliance

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Government Compliance

from [Security Professional] Network Security

[Permanent Link]

Subject:	Government Compliance
Date:	Thu, 16 Jun 2005 08:03:01 -0400

Dave,

I hear your concerns.  I too perform red teaming for the govt. and
deal with FISMA all the time.  The problem with FISMA is that it is
treated as a "check in the box" and not as an important security
mandate.  People are "aggrivated" by it and just do the minimum to be
able to check off the box and move on.

This is typical in the govt. most places you go.  It's just the nature
of the beast.  But, what your team should be doing is not only the
check in the box type tests, but also full blown pen-tests year round.
 This needs to be initiated by your immediate supervisor and moved up
the chain from him / her.  If it is brought directly to the higher
ups, they won't understand the need for constant red teaming because
they "think" you already have this happening for FISMA requirements.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Government Compliance, Dave Re: Government Compliance, Kevin Lee Re: Government Compliance, David J. Bianco Re: Government Compliance, Diego Kellner RE: Government Compliance, Robert Hines Re: Government Compliance, Jay D. Dyson Re: Government Compliance, R. DuFresne AW: Government Compliance, Jörg Maaß Government Compliance, Security Professional <= RE: Government Compliance, Kasyan, Walter A (Tony) RE: Government Compliance, Smith, Michael J. Re: Government Compliance, Tim Adams RE: Government Compliance, Keith T. Morgan RE: Government Compliance, Todd Towles Re: Government Compliance, frank_kenisky Re: Government Compliance, Jeffrey Denton RE: Government Compliance, L. Walker

Previous by Date:	Re: Government Compliance, Kevin Lee
Next by Date:	Re: Government Compliance, David J. Bianco
Previous by Thread:	AW: Government Compliance, Jörg Maaß
Next by Thread:	RE: Government Compliance, Kasyan, Walter A (Tony)
Indexes:	[Date] [Thread] [Top] [All Lists]