The U.S. Department of Homeland Security will provide support as agencies automate the reporting of security data as required by the Federal Information Security Management Act (FISMA). Agencies will "develop automated risk models and apply them to the vulnerabilities and threats identified by security management tools," according to the guidance, which was developed with input from an interagency task force.
"We are shifting the focus from old-styled, paper-based reports to real-time electronic data that feed directly and immediately into security monitoring and alert systems. This change means that agencies will be able to identify vulnerabilities faster and actively protect against attacks," Federal CIO Vivek Kundra wrote in a blog Wednesday, April 21.
FISMA data for fiscal year 2010 will be reported through CyberScope, an online reporting tool launched last October.