FERC works on FISMA compliance

The Federal Energy Regulatory Commission has spent almost $4 million on cybersecurity in fiscal 2011, but the agency still hasn’t fully implemented all of the security guidelines mandated by the Federal Information Security Management Act — or FISMA.

Sanjay Sardar, FERC’s CIO, joined In Depth with Francis Rose to discuss the agency’s FISMA stance.

He said the commission actually is FISMA-compliant, according to a 2011 cybersecurity audit. However, he noted some controls are still being worked on.

The difference between being FISMA-compliant and secure is complicated, Sardar suggested.

Sponsored content: Agency managers surveyed, many unsure about data storage or how to improve it. Learn more in our next generation data center survey.

And he cited some budget constraints are holding the agency back.