Federal It Security

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems. Learn how to build a robust, near real-time risk management system and comply with FISMA Discover the changes to FISMA compliance and beyond Gain your systems the authorization they need

FISMA and the Risk Management Framework: The New Practice of Federal Cyber Security deals with the Federal Information Security Management Act (FISMA), a law that provides the framework for securing information systems and managing risk associated with information resources in federal government agencies. Comprised of 17 chapters, the book explains the FISMA legislation and its provisions, strengths and limitations, as well as the expectations and obligations of federal agencies subject to FISMA. It also discusses the processes and activities necessary to implement effective information security management following the passage of FISMA, and it describes the National Institute of Standards and Technology's Risk Management Framework. The book looks at how information assurance, risk management, and information systems security is practiced in federal government agencies; the three primary documents that make up the security authorization package: system security plan, security assessment report, and plan of action and milestones; and federal information security-management requirements and initiatives not explicitly covered by FISMA. This book will be helpful to security officers, risk managers, system owners, IT managers, contractors, consultants, service providers, and others involved in securing, managing, or overseeing federal information systems, as well as the mission functions and business processes supported by those systems.

In recent years, Indigenous peoples have lead a number of high profile movements fighting for social and environmental justice in Canada. From land struggles to struggles against resource extraction, pipeline development and fracking, land and water defenders have created a national discussion about these issues and successfully slowed the rate of resource extraction. But their success has also meant an increase in the surveillance and policing of Indigenous peoples and their movements. In Policing Indigenous Movements, Crosby and Monaghan use the Access to Information Act to interrogate how policing and other security agencies have been monitoring, cataloguing and working to silence Indigenous land defenders and other opponents of extractive capitalism. Through an examination of four prominent movements — the long-standing conflict involving the Algonquins of Barriere Lake, the struggle against the Northern Gateway Pipeline, the Idle No More movement and the anti-fracking protests surrounding the Elsipogtog First Nation — this important book raises critical questions regarding the expansion of the security apparatus, the normalization of police surveillance targeting social movements, the relationship between police and energy corporations, the criminalization of dissent and threats to civil liberties and collective action in an era of extractive capitalism and hyper surveillance. In one of the most comprehensive accounts of contemporary government surveillance, the authors vividly demonstrate that it is the norms of settler colonialism that allow these movements to be classified as national security threats and the growing network of policing, governmental, and private agencies that comprise what they call the security state.