NASA stops focusing on FISMA

NASA’s top security chief has just ordered his staff to move away from FISMA.

Jerry Davis, NASA’s deputy chief information officer for IT security, recently wrote a memo telling his staff to shift away from the practice of making sure systems are FISMA-compliant, and concentrate on the real-time reporting of threats.

Since 2002, agencies have been required to follow FISMA, and critics of the legislation say it forces IT staffs to spend all of their time filling out forms instead of mitigating cyber attacks.

Tom Shoop is editor-in-chief of GovExec. Their sister publication NextGov has been following this development and he brings us details now.


Also, listen to The Federal Drive tomorrow morning, when Jerry Davis himself will explain his thought process to hosts Tom Temin and Amy Morris.