The Federal Information Security Modernization Act of 2014 (FISMA) is United States legislation that amends the Federal Information Security Management Act of 2002. FISMA updates the federal government's cybersecurity practices by focusing on automating continuous monitoring of federal information systems and integrating security throughout the technology life cycle.
FISMA was enacted to improve the security of federal information and data while promoting the development of a more robust cybersecurity framework within federal agencies. It emphasises the importance of continuous monitoring and risk management, reducing the compliance costs associated with security, and enhancing the effectiveness of security programs. Through this focus, FISMA helps secure federal information systems against emerging threats and vulnerabilities, ensuring the integrity, confidentiality, and availability of federal data.
FISMA 2014 is currently in force and continues to shape the cybersecurity landscape of the federal government in the United States. It requires ongoing compliance and adaptation as cybersecurity threats evolve and new technologies emerge.