New bills lay out procedures for organizations ready to face cybersecurity problems

Dec 17, 2014

Incident Management.jpgFederal agencies should be ready to increase their cybersecurity over the coming years. Recent high-profile hacks have caused widespread panic over the insecurity of U.S. companies, so finding out exactly how to create a  powerful system of defense for groups that host sensitive data has been a major priority. Because there are so many different ways that hackers can attempt to seek access to servers in organizations in the U.S., there are many bases that must be covered. Utilizing top-tier technology and strategies like cloud migration may be in the future for agencies with the need to store and process secure data.

Organizations that are interested in understanding what they may be required to do should review one of the most recent bills passed by the U.S. Senate, the Federal Information Security Modernization Act of 2014. This involves giving the authority to devise federal civilian agency information security policies to the Director of the Office of Management and Budget, while the Homeland Security Secretary must implement those policies. This will include scans of networks of federal civilian government agencies. This bill iscurrently waiting to be signed by the President and is regarded as uncontroversial.

Security and Finances
It is important for agencies that have sensitive data stored on their servers to be sure that their employees understand the necessary safety procedures associated with cybersecurity. According to eWeek, employees will wind up being their organization’s biggest threats. This won’t be due to malicious insiders, but rather the simple lack of security expertise endemic to non-technical workers that might lead them to let a company’s servers be vulnerable to infection or subversion. Letting workers know how they can help and why they need to with cybersecurity is just as important as setting up a server.

As time goes on, it will be increasingly important for agencies to make sure that their cyber security procedures are sound. Being ready to implement the next level of restrictions and procedures in order to protect civilian information will be very important for any agency that deals with sensitive information. Even those that do not commonly use that kind of data should have systems capable of handling encryption from other agencies if that becomes an issue. The days of putting something in a folder marked as “classified” are done for – it is all about technical expertise now.

Category: Cybersecurity