New handbook: Media Protection (MP)
Why we have an MP policy
The ISPG Policy team published the new Media Protection (MP) Handbook early in September 2024.
Media Protection exists to protect media within an organization, and the definition of media is fairly broad: all physical devices, writing surfaces, and communication channels that include storage capabilities. Whether the communication is digital or in print and on paper, the MP policy covers proper handling and governance.
ZT Scary Zoom Background Contest
Join in some spooky fun!
Create an original Zoom Background with the theme “Scary Security Issues” in honor of Cybersecurity Awareness Month. Highlight a security issue or named vulnerability while also celebrating the best holiday of the year – Halloween! Show it off at the October 22, 2024, Zero Trust Ambassadors Office Hours and be entered to win a prize!
CMS Media Protection (MP) Handbook
What is Media Protection (MP)?
Media Protection (MP) is the safeguarding of media within an organization. The term “media” broadly refers to physical devices or writing surfaces. This includes all channels of communication with storage capabilities — everything from printed paper to digital data onto which information is recorded, stored, or printed within an information system.
GitHub Secret Scanning: Enhancing security, ARS compliance, and Zero Trust
In today's cybersecurity landscape, protecting sensitive information is crucial, especially for organizations working with the Centers for Medicare & Medicaid Services (CMS). GitHub Secret Scanning has emerged as a valuable tool in this effort, not only enhancing security but also aiding in meeting various requirements within the Zero Trust Applications Pillar and the Acceptable Risk Safeguards (ARS) controls.
CMS Information System Contingency Plan (ISCP) Handbook
What is an Information System Contingency Plan?
Contingency planning at the Center for Medicare and Medicaid Services (CMS) is essential for protecting the organization from potential risks and ensuring the continuity of its operations. An Information System Contingency Plan (ISCP) is the cornerstone document of contingency planning, and every CMS system must have one in place.
New IS2P2 updates: What you need to know
The ISPG Policy team regularly revisits the CMS Information Systems Security & Privacy Policy (IS2P2) to incorporate new information, update language, and keep the document up to date.
The most recent revisions came out in June 2024. We’ve called out and clearly identified the six big changes so you can quickly and easily understand what’s new and how it might affect your work.
List of updates
The IS2P2 updates address several gaps:
Cyber360 July - Enhancing financial security
Tips for online financial security
This month, Cyber360 at CMS is focused on financial security. As we move more of our financial lives online, from banking to investing, the need for strong cybersecurity has never been greater. Here are some ways you can protect yourself and your finances.
Tap payments: A smarter way to pay
CMS Cybersecurity and Privacy Training Handbook
Introduction
At CMS, we prioritize the security of our data, systems, and your work environment. Every person here is part of our effort to keep CMS information and beneficiary data safe. Security and privacy are everyone's job. Being aware of cyber threats is an ongoing responsibility that we all share.
Top 5 cybersecurity trends for 2024
Background
The cybersecurity field is ever-evolving, with new threats and technologies emerging constantly. Staying informed about these trends is crucial for protecting our systems and data at CMS.
What is the News?
In this post, we'll explore the top 5 emerging trends in cybersecurity that are transforming how we defend against cyber threats. Understanding these trends will help you stay ahead in the rapidly changing digital security landscape.