Federal CISOs define greatest challenges to authority

Discussion in 'Network World' started by RSS, Sep 15, 2016.

  1. RSS

    RSS New Member Member

    If you are a federal Chief Information Security Officer – or even if you are not – you face some serious trials just to do your difficult job.

    Federal agencies in particular lack clarity on how to ensure that their CISOs have adequate authority to effectively carry out their duties in the face of numerous challenges, a report out this week from the watchdogs at the Government Accountability Office stated.

    The GAO said that 13 of the 24 agencies it reviewed – including the Departments of Defense, Commerce, Energy, Justice and State – for its report “had not fully defined the role of their CISO in accordance with these requirements. For example, these agencies did not always identify a role for the CISO in ensuring that security controls are periodically tested; procedures are in place for detecting, reporting, and responding to security incidents; or contingency plans and procedures for agency information systems are in place. Thus, CISOs' ability to effectively oversee these agencies' information security activities can be limited,” the GAO stated.
