EPISODE · Aug 19, 2009
FISMA: The Misunderstood Law
from Government Information Security Podcast · host GovInfoSecurity.com
Interview with Patrick Howard, CISO, Nuclear Regulatory Commission The problem with Federal Information Security Management Act, says Patrick Howard, is that its original intent of the seven-year-old law that governs federal IT security isn't about compliance. "The legislation requires risk management, but it has been interpreted as a piece legislation that requires compliance, so we kind of lost sight of risk management ... and that's the biggest problem I see with FISMA today," Howard, chief information security officer at the Nuclear Regulatory Commission, says in an interview with GovInfoSecurity.com. In the interview, Howard also discussed the NRC's five-year information security strategic plan and the biggest and the top cyber threats NRC IT systems face. Howard spoke with Eric Chabrow, managing editor of GovInfoSecurity.com.
What this episode covers
Interview with Patrick Howard, CISO, Nuclear Regulatory Commission The problem with Federal Information Security Management Act, says Patrick Howard, is that its original intent of the seven-year-old law that governs federal IT security isn't about compliance. "The legislation requires risk management, but it has been interpreted as a piece legislation that requires compliance, so we kind of lost sight of risk management ... and that's the biggest problem I see with FISMA today," Howard, chief information security officer at the Nuclear Regulatory Commission, says in an interview with GovInfoSecurity.com. In the interview, Howard also discussed the NRC's five-year information security strategic plan and the biggest and the top cyber threats NRC IT systems face. Howard spoke with Eric Chabrow, managing editor of GovInfoSecurity.com.
NOW PLAYING
FISMA: The Misunderstood Law
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m