Political Effects of FISMA
Carter Hendrick
Old Dominion University School of Cybersecurity
CYSE 425W: Cyber Strategy and Policy
Teresa Duvall
9/29/2024
Political Effects of FISMA
After the Federal Information Security Management Act was enacted, we saw many changes in our infrastructure and level of information security, eventually it was rewritten as the Federal Information Modernization Act. This gave us even more development of security within the E-Government acts. While there are many changes even happening now, how has this policy changed perspectives on the political stage? At what point will E-Government policies start to overreach into the publics personal lives to keep Americans safe.
Senate Reform FISMA in 2014
FISMA, first released in 2002 as part of a series of electronic government acts to bolster American IT foundations. FISMA then saw a reform in 2014, in which Ken Durban, the continuous monitoring practice manager for Symantec, made a comment during a webcast on June 24th that the policy needed an overhaul (Williams, J.). The revision that was made to FISMA did not drastically change it but instead cut unnecessary paperwork from the process and streamlined the policy for the emergence of continuous monitoring (Williams, J.). What this does is make it so that agencies do not have to report on their security every three years, and clarify the roles played by the many different agencies involved with the FISMA policy. This will change the way FISMA metrics are created. Instead of the Department of Homeland Security (DHS) and Office of Management and Budget (OMB) working in conjunction to create the metrics, it will instead be the DHS developing the metrics and the OMB overseeing and checking after they are created (Williams, J.). It makes sense to do this because less checking will have to happen during the process slowing it down and instead have one large check be done after the creation of the FISMA metrics.
Challenges of E-Government Acts
While maintain a focus on the FISMA policy, there is also general difficulty of implementing electronic government acts because of the need to balance security and privacy. This is not as big of an issue with government devices, but still holds relevance overall. Siefert, J. W. States in “A Primer on E-Government” on page 103 that “It is important to stress at this point the multidimensional nature of those issues,” referring to the implementation of E-Government acts. Seifert elaborates that the government can develop and implement services and enhanced infrastructure, but to do so would be difficult without considering the security, privacy, and disparity of access to computers that people face. This applies to the FISMA policy because of how the policy interacts with information security within government agencies. There would be better security if all personal devices were restricted within agencies and other business that are commonly used my government agencies, which is done to some extent, however we then move into issues related to privacy and possible infringement of constitutional rights should these acts including FISMA start extending regulation to how government personnel are required to conduct themselves at home. In that case it could be argued that the policies are affecting lives in negative ways, which could lead to political backlash.
FISMA going forward
In more recent years FISMA has been taken into review and revised once again in another attempt to keep up with the development of information security. Chairman Gary Peters and Senator Josh Hawley have sponsored a bill in 2023 to reform FISMA to better fit President Biden’s executive order to improve American cybersecurity (Jones, J. H.). This bill would see the role of Federal Chief Information Security Officer codified and working in the office of the federal CIO (Jones, J. H.). This would also lead to better communication between many agencies like the OMB and Cybersecurity Infrastructure Security Agency that work together to develop Americas cybersecurity (Jones, J. H.). The senators involved with this bill ensure that the reform to FISMA will help to keep the modernization of American information security on track with modern day threats and keep government information safe and secure.
Conclusion
In summary, FISMA and many other E-Government policies are constantly developing to protect the American public and keep government secrets away from opposing nations, as well as hackers within America itself. Politicians face the challenge of maintain the balance of public privacy and government security. In order to keep the public happy, it is imperative to keep their privacy at the forefront of concerns for as long as possible.
Works Cited:
- Jones, J. H. (2023, July 26). Fisma Reform bill advances in Senate. FedScoop. https://fedscoop.com/fisma-reform-bill-advances-in-senate/
- Seifert, J. W. (2007). Chapter 3, A Primer on E-Government: Sectors, Stages, Opportunities, and Challenges of Online Governance. In E-Government in High Gear (pp. 99–128). essay, Nova Science Publishers.
- Williams, J. (2016, December 26). Senate moves to reform FISMA. FedScoop. https://fedscoop.com/senate-moves-reform-fisma/