The House Oversight and Reform Committee and heads of its subcommittees asked interim and current inspectors general of the U.S. intelligence community, the Department of Defense and eight other federal agencies to assess vulnerabilities related to the use of remote-access software to support telework during the COVID-19 pandemic for inclusion in their fiscal year 2021 cybersecurity evaluation in compliance with the Federal Information Security Modernization (FISMA) Act of 2014.
House lawmakers sent letters to the IGs Wednesday asking them to examine the acquisition, management, security and deployment of collaboration platforms and remote connections to their respective networks, including those facilitated by virtual private networks.
They inquired about the agencies’ implementation of security controls to prevent unauthorized dissemination of personally identifiable and controlled unclassified information; identity, credential and access management of users that allow remote access to networks; and management and distribution of physical and virtual assets that facilitate telework.
The letter also asked about the organizations’ adherence to Trusted Internet Connection 3.0 guidance and implementation of continuous monitoring of networks to detect vulnerabilities and additional security policies in response to pandemic-related telework.
The letters were signed by Reps. Carolyn Maloney, D-N.Y.; Gerry Connolly, D-Va.; Stephen Lynch, D-Mass.; Raja Krishnamoorthi, D-Ill.; Jamie Raskin, D-Md.; and Ro Khanna, D-Calif.
If you want to know more about the latest updates about the Cybersecurity Maturity Model Certification, then check out Potomac Officers Club's CMMC Forum coming up on June 16. To register for this virtual forum and view other upcoming events, visit the POC Events page.