IG review of FISMA requirements says DOD lacks cybersecurity oversight

摘要

The Defense Department's inspector general has issued a summary of past reports that includes a review of the Pentagon's implementation of the Federal Information Security Modernization Act and reiterates concerns about a lack of management oversight of cybersecurity risks. "However, the DOD needs to continue focusing on managing cybersecurity risks related to governance, asset management, information protection processes and procedures, identity management and access control, security continuous monitoring, detection processes, and communications," the IG states in its summary of reports from July 2017 through June 2018 issued this month.