The California Consumer Privacy Act gives the state’s residents the ability to see and control the personal data companies have, share and sell. The privacy act started as a ballot initiative in early 2018 and was signed into law just a few months later in June. After first-round amendments were approved, the effective date was set as January 1, 2020, with an enforcement of July 1, 2020.
compliance
October 1, 2019
The U.S. arsenal boasts diverse weapons that share a common cybersecurity challenge: They depend on power generated by U.S. Defense Department or civilian-owned infrastructures that are increasingly vulnerable to cyber attack. Disrupting the availability of these power systems could impact not only the United States’ ability to project U.S. military power globally but also to respond to a domestic attack.
January 25, 2018
The Defense Information Systems Agency (DISA) now offers service product packages to mission-partner authorizing officials to provide a holistic view of their information systems risk posture. The packages help ensure compliance for mission partners who have programs and systems hosted within the DISA computing ecosystem.
Control Correlation Identifiers (CCIs) within the service packages allow high-level policy framework requirements to be decomposed and associated with low-level security settings to determine compliance with the objectives of that specific security control.
February 25, 2016
OK, your New Year’s resolutions are probably distant memories, but resolutions to improve agency IT security should be yearlong endeavors. Before gearing up to move forward with implementing new fiscal year 2016 IT initiatives, it is a best practice to conduct a security audit to establish a baseline and serve as a comparison to start thinking about how the agency’s infrastructure and applications should change, and what impact that will have on IT security throughout the year.
It’s critical to maintain a consistent focus on security all year long. Security strategies, plans and tactics must be established and shared so that IT security teams are on the same page for the defensive endeavor.
