New threats related to cybersecurity are causing a shift in focus from compliance to risk-based protection, resulting in new requirements for system security and contingency plans, a greater push for continous monitoring, and a stronger emphasis on configuration management and incident reponse.

The US Federal Information Security Management Act (FISMA), originally enacted in 2002 and currently undergoing considerable revision, establishes clear criteria to improve US federal agencies' cybersecurity program.   Cybersecurity breaches have become increasingly common, with a 200 percent hike in such breaches over the past three years, according to numbers from a recently released Governemt Accountability Office (GAO) report in which the number of cybersecurity breach-related incidents reported by US federal agencies has risen from 5,503 in fiscal year 2006 to 16,843 in 2008.

How WCS will help you?

WCS will work with federal agencies to ensure that they are compliant with this regulation by:

• Conducting periodic risk assessments
• Developing comprehensive plans for providing adequate information security for networks, facilities, and systems
• Conducting security awareness training
• Conducting regular periodic testing and evaluation of the effectiveness of information security policies, procedures and practices
• Developing procedures for detecting, reporting and responding to security incidents
• Developing plans and procedures to ensure continuity of operations (COOP).