


The problem with the Federal Information Security Management Act, says Patrick Howard, is that the original intent of the seven-year-old law that governs federal IT security isn't about compliance.
"The legislation requires risk management, but it has been interpreted as a piece of legislation that requires compliance, so we kind of lost sight of risk management ... and that's the biggest problem I see with FISMA today," Howard, chief information security officer at the Nuclear Regulatory Commission, says in an interview with GovInfoSecurity.com.
In the interview, Howard also discussed the NRC's five-year information security strategic plan and the top cyber threats NRC IT systems face.
Howard spoke with Eric Chabrow, managing editor of GovInfoSecurity.com.
By GovInfoSecurity.com