ISPG’s response to the new National Cybersecurity Strategy for 2023
What is the National Cybersecurity Strategy?
The Biden-Harris Administration released a National Cybersecurity Strategy in March 2023, which outlines their vision for a secure and resilient digital environment for the United States.
CMS Information Systems Security & Privacy Policy (IS2P2)
Purpose
As required under the Federal Information Security Modernization Act (FISMA) of 2014 (44 U.S.C. Chapter 35), and in compliance with the updated requirements of the National Institute of Standards and Technology's (NIST) Special Publications (SP) 800-53, Revision 5, and other federal requirements, this Policy defines the framework for protecting and controlling the confidentiality, integrity, and availability of CMS information and information systems.
HHS Policy for Rules of Behavior for Use of Information & IT Resources
1. Nature of Changes
Version 1.0: released July 2013. First issuance of policy.
Version 2.0: released December 2016. Added new statements to:
CMS Breach Analysis Team (BAT) Handbook
Introduction
Whenever there is an incident that has potentially compromised the security or privacy of CMS information or information systems, it is investigated by the Incident Management Team (IMT). They assess whether any categories of sensitive data may be compromised. If so, the incident is considered a suspected breach.