MeriTalk has published a report called "FISMA Fallout: The State of the Union"

Sep 23, 2013 19:16 GMT

The United States’ Federal Information Security Management Act (FISMA) is designed to help federal agencies defend against cyber threats. However, a new study shows that many federal cyber security professionals lack confidence in FISMA.

According to the report published by MeriTalk and underwritten by NetApp, only 22% of experts rate their cyber security solutions as sufficient and sustainable. On the other hand, in the past 12 months, 64% of agencies were targeted by insiders, 60% by non-state actors, and 48% by state actors.

As far as FISMA is concerned, 53% of the respondents admitted that the act led to improved security at their agency. However, 86% noted that compliance resulted in increased costs.

So what do cyber security experts think about FISMA? 11% say it’s an “antiquated law,” 21% say it’s not enough to deal with today’s sophisticated cyber threats, while 28% see it as encouraging compliance rather than risk identification and assessment.

“FISMA's compliance model is not keeping up with the evolving security landscape or the security demands,” noted Mark Weber, president of NetApp U.S. Public Sector.

“There is a shift in the industry from compliance to continuous monitoring, and a vast number of new technologies exist to support this change. Our Federal cyber professionals should be given the resources, regulation, and management support to take advantage of these technologies to help thwart cyber security attacks.”

The fact that networks and the amount of data that’s passing through them are constantly growing is not helping either. 35% of respondents have noted that their users are experiencing slower network connections because of the growing amount of data. In addition, 32% are experiencing challenges in handling the data in real time.

When it comes to data breaches, 21% of agencies are unable to determine the source of a breach.

The complete FISMA Fallout: The State of the Union report is available on MeriTalk’s website (registration required).