Continuous Monitoring: Diagnostics & Mitigation (FEDRAMP edition)
|
|
- Leo Neal
- 5 years ago
- Views:
Transcription
1 Continuous Monitoring: Diagnostics & Mitigation (FEDRAMP edition) October 12, 2012 A Homeland ~Security
2 ,Risk level Grade Average Risk Score Site Risk Score lsco~ed Hosts I - - \Rank in Enterprise r irank in Region --- Risk Score Summary la+ 5.0 [titb!!y I 4)604,9 lm,- 143 of 313 Organizations, Major Systems Contractor Performance 1 10of42 PAT SCM AVR UOS CSA SOE ADC. ADU SMS VUR SCR Component Risk Seore Scor.ed Objects AvgfObject %of Score liow Componentis Typically Calculated I Vulnerability (VUL) , 17.8% From.1 for the lowest risk vulnerability to 10 for the highest risk vulnerabi lity Patch (PAT) Security Compliance (SCM) 900 ' I % From 3 for each missing '\ow" patch to 10 for each missing '!C:ritical" patch 14.4% From.43 for each failed Group Membership check to.9 for each failed Application log.check Ariti~Virus \AVR') % 6.per day for each signature file older than 6 days :Unapproved OS (UOS) ' G ~ ber?ecurity Awareness Training (CSA) I 900 ; ' % 100 upon detection, then 100 per month up to a maximum of ,6% After 15 da'/s past the annual training expiration date, 1 per day up to a nuximum;of 90. I SOE Compliance (SOE) ThQ % 5 for each mi ssing or incorrect version of an SOE component AD Cpmputers (ADC) M% 1 per day foreach day the AD computer gassword age exceeds 35 days AD Users (ADU) % j1 per day for each account that does not req uire a smart-ca rd and 1~hose password age > 60, plus 5 additional if the pamord never expires SMS Reporting (SMS') o.o % per day for eoch host not reporting completely to SMS. :vulnerability Reporting (VUR) 900i 'i'h jafter a host has no scans for 15 consecutive days, per 7 additional days Totals: 4,60'
3 Results First 12 Months Personal Computers and Servers 1, , ~ ~ 1, ' t Domestic Sites - Foreign Sites 0.0 -l , ,-----, ,---, , ,---y , 6/1/2008 7/21/2008 9/9/2008 i0/29/ /18/2008 2/6/2009 3/28/2009 5/17/2009 7/6/2009 8/25/2009 3
4 Case Study Results 89% reduction in risk after 12 months -.personal computers & servers Mobilizing to patch worst IT security risks first - Mitigation across 24 time zones - Patch coverage 84% in 7 days; 93% in 30 days Outcome: -Timely, targeted, prioritized information -Actionable -Increased return on investment compared to an earlier implementation of FISMA 4
5 Efficiency is Repeatable & Sustained 100% ~ Expected Value (Based on al l reporting machines) 70% -+-Lower Bound (Assumes all non-reporting machines are non-compliant) 60% 50% M StO=Q4-2~-AlTgl1St_2_0_10 Per-ce-nt-of-applicable-dev-ices p-atch-e-d- - 40% 30% 20% 10% when charging 40 points 0-84% in seven (7) days 0-93% in 30 days 0% N N N N N N N N N N m '<!' LO m N N N N N N N N N N N N N N N N N N N N m '<!' LO m N m '<!' LO N N N N N m 0.-1 N N N N N N N N N N m m m m m m m m m m m m m m --- 5
6 L Lessons Learned When continuous monitoring augments snapshots required by FISMA: -Mobilizing to lower risk is feasible & fast {11 mo) -Changes in 24 time zones with no direct contact -Cost: 15 FTE above technical management base This approach leverages the wider workforce Security culture gains are grounded in fairness, commitment and personal accountability for improvement 6
7 Development Phase
8 Federal CIO and CISO Cyber Goals Protect information assets of the US gov't -Availability, integrity and confidentiality Lower operational risk and exploitation of - national security systems -.gov networks, major systems & cloud services Increase situational awareness of cyber status Improve ROI of federal cyber investments Fulfill. FISMA mandates
9 Continuous Diagnosis and Mitigation (COM) 11 Full Operational Capability" (FOC) I Desired State: Minimum Time to FOC for CDM: 3 years; CDM Covers % of controls; Smaller attack surface/ 11 risk" for.gov systems; Weaknesses are found and fixed much faster; Replaces much assessment work ($440M) - And most of the POA&M process ($1.05 B) Risk scores reflect: threat, vulnerability and impact - Used to make clear, informed risk-acceptance decisions Economies reduce total cost yet improve security.
10 Selection of First Year Priorities Implement CMWG focus areas for controls - NSA and CMWG collaboration put in pilots -Complete baseline survey of highest D/A risks Award task orders for sensors and services tailored to agency needs and risk profile Connect initial controls to dashboard - HW/SW asset management/white listing; vulnerability; configuration settings; anti-malware
11 l Use of DHS Appropriated Funds Strategic Sourcing to buy -Sensors (where missing) -A Federal Dashboard -Services to operate the sensors and dashboard in the D/As Labor to mentor and train D/As to use the dashboard to reduce risk efficiently Processes to support CMWG (continuous C&A)
12 ,, ' Stakeholder Consultation DHS and CMWG will consult on program direction and reflect stakeholder concerns of: - CIO Councii/ISIMC, ISPAB - NSS, EOP, NIST, NSA - D/As and components - Industry - FFRDCs -Others
13 Cloud 1!. Dashboard OHS pays f0r all governme,nt Qe(i>-al1trneAt ancl A~era'Gies Security ref'orting to Cyber ScQpe G(i)ntrcad:.mit Defense Industrial Base; others whgj use federal$; plws State, local gov't Continuous DHS Pays for Monitoring Tool initial.gov Agencies Bundles & Departments who choose (Multiple Award) diagnostic capabilities. Can Purchase off of federal contract:.mil, Defense Industrial Base; others who use federal $; plus State, local gov't irect support of government dedicated doud clients with er testing cost embedded. CSP 1 S could buy tools. Department & Agencies!... DHS pays for initial.gov 3. Continuous (or others) pay for custom >-... eust0m 5ystems using Agem;;ies & Department who Monitoring as a systems CM using internal ~ internal funds. may ehoose a diagnostic C&A report money 0 Service (CMaaS) CSP 1 S could buy CMaaS for service provider (cliagnostics and feeds tg> Cyber o:::t o:::t use as ~rct party Assessors. 5cope) "(/'}. 4. Continuous DHS pays to prepare.gov monitoring diagnostic reports & data integration CyberScope feeds Department & Agencies (or Using DHS published others) pay Usiog PHS standards using internal published standards us'ir~g funds internal funds 13
14 BACKGROUND 4t,..
15 '\ I Change to "plan for events" and "respond to events". ~ c ~ redenflals & ~ Autben.ticatfon k m n J 0 4 Families of 14 Effectiveness Measures P (These must be applied to h all technologies and assets) a Generic Audlt/ Mon\todng 6, 7 are assets: They require all the other capabilities applied to them. For an application, it's HW, SW etc. must be managed, inside a boundary, configured and relatively free of vulnerabilities. e d c Manage b One delta would be the extra analysis SW needs pre-operations.
Federal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011
Federal Continuous Monitoring Working Group March 21, 2011 DOJ Cybersecurity Conference 2/8/2011 4/12/2011 Why Continuous Monitoring? Case for Change Strategy Future State Current State Current State Case
More informationThe next generation of knowledge and expertise
The next generation of knowledge and expertise UNDERSTANDING FISMA REPORTING REQUIREMENTS 1 HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationCyberUSA Government Cyber Opportunities for your Region: The Federal Agenda - Federal, Grants & Resources Available to Support Community Cyber
CyberUSA Government Cyber Opportunities for your Region: The Federal Agenda - Federal, Grants & Resources Available to Support Community Cyber Initiatives 30 January 2018 1 Agenda Federal Landscape Cybersecurity
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationContinuous Monitoring & Security Authorization XACTA IA MANAGER: COST SAVINGS AND RETURN ON INVESTMENT IA MANAGER
Continuous Monitoring & Security Authorization XACTA IA MANAGER: COST SAVINGS AND RETURN ON INVESTMENT IA MANAGER Continuous Monitoring & Security Authorization >> TOTAL COST OF OWNERSHIP Xacta IA Manager
More informationContinuous Diagnostics and Mitigation demands, CyberScope and beyond
Continuous Diagnostics and Mitigation demands, CyberScope and beyond IBM BigFix streamlines federal security compliance with real-time insights and remediation Highlights Meet Continuous Diagnostics and
More informationFedRAMP JAB P-ATO Process TIMELINESS AND ACCURACY OF TESTING REQUIREMENTS. VERSION 1.0 October 20, 2016
FedRAMP JAB P-ATO Process TIMELINESS AND ACCURACY OF TESTING REQUIREMENTS VERSION 1.0 October 20, 2016 MONTH 2015 Table of Contents 1. PURPOSE 3 2. BACKGROUND 3 3. TIMELINESS AND ACCURACY OF TESTING OVERVIEW
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationEnabling Efficient, Consistent Certification and Accreditation Enterprise-Wide
Enabling Efficient, Consistent Certification and Accreditation Enterprise-Wide www.xacta.com Overview Certification & Accreditation The IRS Challenge The Solution: Xacta Web C&A Where Are We Today? Future
More informationEnsuring System Protection throughout the Operational Lifecycle
Ensuring System Protection throughout the Operational Lifecycle The global cyber landscape is currently occupied with a diversity of security threats, from novice attackers running pre-packaged distributed-denial-of-service
More informationUNCLASSIFIED. FY 2016 Base FY 2016 OCO
Exhibit R-2, RDT&E Budget Item Justification: PB 2016 Office of the Secretary Of Defense : February 2015 0400: Research, Development, Test & Evaluation, Defense-Wide / BA 7: Operational Systems Development
More informationWhite Paper. View cyber and mission-critical data in one dashboard
View cyber and mission-critical data in one dashboard Table of contents Rising cyber events 2 Mitigating threats 2 Heighten awareness 3 Evolving the solution 5 One of the direct benefits of the Homeland
More informationThe New Security Heroes. Alan Paller
The New Security Heroes Alan Paller apaller@sans.org How they attack Spam with infected attachments Web sites that have infected content The most dangerous: targeted attacks Fooling the victim into Installing
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationEXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.
EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT An Insight Cyber White Paper Copyright Insight Cyber 2018. All rights reserved. The Need for Expert Monitoring Digitization and external connectivity
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationFISMA Cybersecurity Performance Metrics and Scoring
DOT Cybersecurity Summit FISMA Cybersecurity Performance Metrics and Scoring Office of the Federal Chief Information Officer, OMB OMB Cyber and National Security Unit, OMBCyber@omb.eop.gov 2. Cybersecurity
More informationDepartment of Management Services REQUEST FOR INFORMATION
RESPONSE TO Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 250 South President
More informationExhibit A1-1. Risk Management Framework
Appendix B presents the deliverables produced during the execution of the risk management approach to achieve the assessment and authorization process. The steps required by the risk management framework
More informationIoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
More informationInformation Security Continuous Monitoring (ISCM) Program Evaluation
Information Security Continuous Monitoring (ISCM) Program Evaluation Cybersecurity Assurance Branch Federal Network Resilience Division Chad J. Baer FNR Program Manager Chief Operational Assurance Agenda
More informationISACA Arizona May 2016 Chapter Meeting
ISACA Arizona May 2016 Chapter Meeting Suzanne Farr / Carlos A. Villalba Agenda Introduction Preliminary questions CCM Preliminaries Definition Benefits Challenges Beyond Templates Questions 1 Background
More informationStrengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure Executive Order 13800 Update July 2017 In Brief On May 11, 2017, President Trump issued Executive Order 13800, Strengthening
More informationSOLUTION BRIEF Virtual CISO
SOLUTION BRIEF Virtual CISO programs that prepare you for tomorrow s threats today Organizations often find themselves in a vise between ever-evolving cyber threats and regulatory requirements that tighten
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationCIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra
CIP-014 JEA Compliance Approach FRCC Fall Compliance Workshop Presenter Daniel Mishra Acronyms & Terminologies DHS Department of Homeland Security JEA It s not an acronym JSO Jacksonville Sheriff's Office
More informationFederal Mobility: A Year in Review
Federal Mobility: A Year in Review Link: https://www.dhs.gov/csd-mobile Link: https://www.dhs.gov/publication/csd-mobile-device-security-study Vincent Sritapan Cyber Security Division Science and Technology
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationIT Risk & Compliance Federal
Dell UnisysSoftware Modernization Revolution Survey IT Risk & Compliance Federal Summary Report PulsePoll Results September 2017 JULY 10, 2014 RESPONDENT CLASSIFICATIONS 2 Current Employer From June 19,
More informationCYBERSECURITY MATURITY ASSESSMENT
CYBERSECURITY MATURITY ASSESSMENT ANTICIPATE. IMPROVE. PREPARE. The CrowdStrike Cybersecurity Maturity Assessment (CSMA) is unique in the security assessment arena. Rather than focusing solely on compliance
More informationAgency Guide for FedRAMP Authorizations
How to Functionally Reuse an Existing Authorization Version 1.0 August 5, 2015 Revision History Date Version Page(s) Description Author 08/05/2015 1.0 All Initial Publication FedRAMP PMO 06/06/2017 1.0
More informationAligning Agency Cybersecurity Practices with the Cybersecurity Framework
POINT OF VIEW Aligning Agency Cybersecurity Practices with the Cybersecurity Framework Leveraging Gigamon to Align Cybersecurity Budgets with Desired Business Outcomes 2013-2017 Gigamon. All rights reserved.
More informationFederal Civilian Executive branch State, Local, Tribal, Territorial government (SLTT) Private Sector (PS) Unclassified / Business Networks
Brownsville Public Utilities Board Cyber Security Initiative A result of the BPUB IT Strategic Plan implemented a Cyber Security Framework (CSF) that utilizes : Security standards Tools and Best practices
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationAdvanced Technology Academic Research Council Federal CISO Summit. Ms. Thérèse Firmin
Advanced Technology Academic Research Council Federal CISO Summit Ms. Thérèse Firmin Acting Deputy DoD CIO Cyber Security Department of Defense 25 January 2018 2 Overview Secretary Mattis Priorities Cybersecurity
More informationIBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation
IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationIMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION
IMPROVING CYBERSECURITY AND RESILIENCE THROUGH ACQUISITION Briefing for OFPP Working Group 19 Feb 2015 Emile Monette GSA Office of Governmentwide Policy emile.monette@gsa.gov Cybersecurity Threats are
More informationTop Five Secrets to Successfully Jumpstarting Your Cyber-Risk Program
SESSION ID: GRC-W03 Top Five Secrets to Successfully Jumpstarting Your Cyber-Risk Program Chris Houlder CISO Autodesk, Inc. @chrishoulder chris.houlder@autodesk.com Husam Brohi Director, Cybersecurity
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More information2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager
2018 WTA Spring Meeting Are You Ready for a Breach? Troy Hawes, Senior Manager NIST Cybersecurity Framework (CSF) Executive Order 13636 Improving Critical Infrastructure Cybersecurity tasked the National
More informationFedRAMP: Understanding Agency and Cloud Provider Responsibilities
May 2013 Walter E. Washington Convention Center Washington, DC FedRAMP: Understanding Agency and Cloud Provider Responsibilities Matthew Goodrich, JD FedRAMP Program Manager US General Services Administration
More informationMAXIMIZE SOFTWARE INVESTMENTS
MAXIMIZE SOFTWARE INVESTMENTS with eplus and Cisco ONE Today s Software Challenges Numerous, complicated options for software licensing Unpredictable IT spending Achieving predictable business outcomes
More informationCyber Resilience. Think18. Felicity March IBM Corporation
Cyber Resilience Think18 Felicity March 1 2018 IBM Corporation Cyber Resilience Cyber Resilience is the ability of an organisation to maintain its core purpose and integrity during and after a cyber attack
More informationRisk Management Framework for DoD Medical Devices
Risk Management Framework for DoD Medical Devices Session 136, March 7, 2018 Lt. Col. Alan Hardman, Chief Operations Officer, Cyber Security Division, Office of the DAD IO/J-6 William Martin, Deputy of
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More information2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report
Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing
More informationSoftware & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management
Software & Supply Chain Assurance: Enabling Enterprise Resilience through Security Automation, Software Assurance and Supply Chain Risk Management Joe Jarzombek, PMP, CSSLP Director for Software & Supply
More informationMachine-Based Penetration Testing
Always in Control CyBot Suite Machine-Based Penetration Testing CyBot PRODUCT SUITE Unique, patented Machine-based Penetration Testing Software with Global Attack Path Scenarios (APS) product suite: CyBot
More informationSOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)
SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP) Adaptive Cybersecurity at the Speed of Your Business Attackers Evolve. Risk is in Constant Fluctuation. Security is a Never-ending Cycle.
More informationNew Guidance on Privacy Controls for the Federal Government
New Guidance on Privacy Controls for the Federal Government IAPP Global Privacy Summit 2012 March 9, 2012 Dr. Ron Ross Computer Security Division, NIST Martha Landesberg, J.D., CIPP/US The Privacy Office,
More informationTo Audit Your IAM Program
Top Five Reasons To Audit Your IAM Program Best-in-class organizations are auditing their IAM programs - are you? focal-point.com Introduction Stolen credentials are the bread and butter of today s hacker.
More informationGovernance for the Public Sector Cloud
Governance for the Public Sector Cloud Managing Cost and Ensuring Compliance Paving the Way to the Cloud Forecasting a potential 30% reduction in data infrastructure spend, the U.S. Government embarked
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationSneak Peak at CIS Critical Security Controls V 7 Release Date: March Presented by Kelli Tarala Principal Consultant Enclave Security
Sneak Peak at CIS Critical Security Controls V 7 Release Date: March 2018 2017 Presented by Kelli Tarala Principal Consultant Enclave Security 2 Standards and Frameworks 3 Information Assurance Frameworks
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationData to Decisions Terminate, Tolerate, Transfer, or Treat
I N S T I T U T E F O R D E F E N S E A N A L Y S E S Data to Decisions Terminate, Tolerate, Transfer, or Treat Laura A. Odell 25 July 2016 Approved for public release; distribution is unlimited. IDA Non-Standard
More informationWHITE PAPER CONTINUOUS MONITORING INTRODUCTION & CONSIDERATIONS PART 1 OF 3
WHITE PAPER CONTINUOUS MONITORING INTRODUCTION & CONSIDERATIONS PART 1 OF 3 ABSTRACT This white paper is Part 1 in a three-part series of white papers on the sometimes daunting subject of continuous monitoring
More informationTHE POWER OF TECH-SAVVY BOARDS:
THE POWER OF TECH-SAVVY BOARDS: LEADERSHIP S ROLE IN CULTIVATING CYBERSECURITY TALENT SHANNON DONAHUE DIRECTOR, INFORMATION SECURITY PRACTICES 1 IT S A RISK-BASED WORLD: THE 10 MOST CRITICAL UNCERTAINTIES
More informationDefense in Depth Security in the Enterprise
Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Risk Monitoring Risk Monitoring assesses the effectiveness of the risk decisions that are made by the Enterprise.
More informationCompliance Audit Readiness. Bob Kral Tenable Network Security
Compliance Audit Readiness Bob Kral Tenable Network Security Agenda State of the Market Drifting Out of Compliance Continuous Compliance Top 5 Hardest To Sustain PCI DSS Requirements Procedural support
More informationCYBER SECURITY AIR TRANSPORT IT SUMMIT
CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER SECURITY AIR TRANSPORT IT SUMMIT SHARING GOOD PRACTICES VIVIEN EBERHARDT, SITA CYBER SECURITY CYBER
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationNational Policy and Guiding Principles
National Policy and Guiding Principles National Policy, Principles, and Organization This section describes the national policy that shapes the National Strategy to Secure Cyberspace and the basic framework
More informationThe Perfect Storm Cyber RDT&E
The Perfect Storm Cyber RDT&E NAVAIR Public Release 2015-87 Approved for public release; distribution unlimited Presented to: ITEA Cyber Workshop 25 February 2015 Presented by: John Ross NAVAIR 5.4H Cyberwarfare
More informationFedRAMP Digital Identity Requirements. Version 1.0
FedRAMP Digital Identity Requirements Version 1.0 January 31, 2018 DOCUMENT REVISION HISTORY DATE VERSION PAGE(S) DESCRIPTION AUTHOR 1/31/2018 1.0 All Initial document FedRAMP PMO i ABOUT THIS DOCUMENT
More informationNotification of Issuance of Binding Operational Directive and Establishment of. AGENCY: National Protection and Programs Directorate, DHS.
This document is scheduled to be published in the Federal Register on 09/19/2017 and available online at https://federalregister.gov/d/2017-19838, and on FDsys.gov 9110-9P-P DEPARTMENT OF HOMELAND SECURITY
More informationCyber security - why and how
Cyber security - why and how Frankfurt, 14 June 2018 ACHEMA Cyber Attack Continuum Prevent, Detect and Respond Pierre Paterni Rockwell Automation, Connected Services EMEA Business Development Manager PUBLIC
More informationISE Central Executive Forum and Awards 2012
ISE Central Executive Forum and Awards 2012 Company Name: Project Name: Presenter: Presenter Title: Sallie Mae Enterprise-Wide Continuous Monitoring & Vulnerability Management Brian Brush Director Corporate
More informationexisting customer base (commercial and guidance and directives and all Federal regulations as federal)
ATTACHMENT 7 BSS RISK MANAGEMENT FRAMEWORK PLAN [L.30.2.7, M.2.2.(7), G.5.6; F.2.1(41) THROUGH (76)] A7.1 BSS SECURITY REQUIREMENTS Our Business Support Systems (BSS) Risk MetTel ensures the security of
More informationCybersecurity Overview
Cybersecurity Overview DLA Energy Worldwide Energy Conference April 12, 2017 1 Enterprise Risk Management Risk Based: o Use of a risk-based approach for cyber threats with a focus on critical systems where
More informationIntroduction to the Federal Risk and Authorization Management Program (FedRAMP)
Introduction to the Federal Risk and Authorization Management Program (FedRAMP) 8/2/2015 Presented by: FedRAMP PMO 1 Today s Training Welcome! This training session is part one of the FedRAMP Training
More informationFedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.2
FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide Version 1.2 October 21, 2016 FedRAMP POA&M Template Completion Guide v1.1 September 1, 2015 Document Revision History Date Description
More informationENHANCE ROI WITH RSA ARCHER FEDERAL SOLUTIONS
ENHANCE ROI WITH RSA ARCHER FEDERAL SOLUTIONS ABSTRACT This paper illustrates the major challenges faced by today s Federal Information Assurance professional, and enumerates solutions that RSA Archer
More informationClick to edit Master title style
Federal Risk and Authorization Management Program Presenter Name: Peter Mell, Initial FedRAMP Program Manager FedRAMP Interagency Effort Started: October 2009 Created under the Federal Cloud Initiative
More informationInformation Systems Security Requirements for Federal GIS Initiatives
Requirements for Federal GIS Initiatives Alan R. Butler, CDP Senior Project Manager Penobscot Bay Media, LLC 32 Washington Street, Suite 230 Camden, ME 04841 1 Federal GIS "We are at risk," advises the
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationCSAM Support for C&A Transformation
CSAM Support for C&A Transformation Cyber Security Assessment and Management (CSAM) 1 2 3 4 5 Five Services, One Complete C&A Solution Mission/Risk-Based Policy & Implementation/Test Guidance Program Management
More informationFedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide. Version 1.1
FedRAMP Plan of Action and Milestones (POA&M) Template Completion Guide Version 1.1 September 3, 2015 FedRAMP Plan of Action & Milestones (POA&M) Template Completion Guide v1.1 September 3, 2015 Document
More informationDefense Security Service. Strategic Plan Addendum, April Our Agency, Our Mission, Our Responsibility
Strategic Plan 2020 Addendum, April 2017 Our Agency, Our Mission, Our Responsibility [2] DSS Strategic Plan Addendum 2020 Addendum The DSS Strategic Plan 2020 is designed to support the agency s continuous
More informationSpace Cyber: An Aerospace Perspective
Space Cyber: An Aerospace Perspective USAF Cyber Vision 2025 AFSPC 19-21 March 2012 Frank Belz and Joe Betser The Aerospace Corporation Computers and Software Division 20 March 2012 frank.belz@aero.org
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cyber security, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationeguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments
eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationIncident Response Requirements and Process Clarification Comment Disposition and FAQ 11/27/2014
Incident Requirements and Process Clarification Disposition and FAQ 11/27/2014 Table of Contents 1. Incident Requirements and Process Clarification Disposition... 3 2. Incident Requirements and Process
More informationCyber Security For Business
Cyber Security For Business In today s hostile digital environment, the importance of securing your data and technology cannot be overstated. From customer assurance, liability mitigation, and even your
More informationFedRAMP Training - Continuous Monitoring (ConMon) Overview
FedRAMP Training - Continuous Monitoring (ConMon) Overview 1. FedRAMP_Training_ConMon_v3_508 1.1 FedRAMP Continuous Monitoring Online Training Splash Screen Transcript Title of FedRAMP logo. Text
More informationTransportation Security Risk Assessment
Transportation Security Risk Assessment Presented to: Nuclear Waste Technical Review Board Presented by: Nancy Slater Thompson Office of National Transportation October 13, 2004 Salt Lake City, Utah Introduction
More informationState Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017
State Governments at Risk: State CIOs and Cybersecurity CSG Cybersecurity and Privacy Policy Academy November 2, 2017 About NASCIO National association representing state chief information officers and
More information300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ POLICY NO: SUPERSEDES: N/A VERSION: 1.0
P.O. Box 212 Philip D. Murphy, Governor 300 Riverview Plaza Odysseus Marcopolus, Chief Operating Officer Trenton, NJ 08625-0212 www.tech.nj.gov STATE OF NEW JERSEY TECHNOLOGY CIRCULAR Enterprise Information
More informationOffice of Security Capabilities Cybersecurity Management Framework
Transportation Security Administration Office of Security Capabilities Version 1.5 Updated: August 10, 2015 The contents of this framework draw from and are in alignment with requirements identified in
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationDepartment of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview
Department of Defense (DoD) Joint Federated Assurance Center (JFAC) Overview Kristen Baldwin Principal Deputy, Office of the Deputy Assistant Secretary of Defense for Systems Engineering (DASD(SE)) 17
More information