With an increasing attack surface resulting in millions of new threats every year, partially updating C&A documents every six months, re-mediating a few Plan of Action and Milestones, and updating all docs every three years, won’t, and doesn’t, keep the bad guys out of Federal networks. […]

The U.S. General Services Administration and the Partnership for Public Service recently launched the Playbook: Enterprise Risk Management for the U.S. Federal Government.






[…]

Chief information security officers (CISOs) and other IT executives have become more proactive in their approach to cybersecurity investment and risk management, according to a new study. “Over the past couple of years the landscape has changed dramatically,” researchers at Southern Methodist University’s Darwin Deason Institute for Cyber Security found. “Cyber risk is now a […] […]