Federal Continuous Monitoring Working Group. March 21, DOJ Cybersecurity Conference 2/8/2011

Similar documents
Information Security Continuous Monitoring (ISCM) Program Evaluation

White Paper. View cyber and mission-critical data in one dashboard

Improving Cybersecurity through the use of the Cybersecurity Framework

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

WHITE PAPER CONTINUOUS MONITORING INTRODUCTION & CONSIDERATIONS PART 1 OF 3

Enterprise Risk Management (ERM) and Cybersecurity. Na9onal Science Founda9on March 14, 2018

Reinvent Your 2013 Security Management Strategy

FISMA Cybersecurity Performance Metrics and Scoring

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013

SYSTEMS ASSET MANAGEMENT POLICY

INFORMATION ASSURANCE DIRECTORATE

Does a SAS 70 Audit Leave you at Risk of a Security Exposure or Failure to Comply with FISMA?

Why you should adopt the NIST Cybersecurity Framework

Updates to the NIST Cybersecurity Framework

Kent Landfield, Director Standards and Technology Policy

IT Risk & Compliance Federal

CYBERSECURITY RESILIENCE

Defense Security Service. Strategic Plan Addendum, April Our Agency, Our Mission, Our Responsibility

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

The HITRUST CSF. A Revolutionary Way to Protect Electronic Health Information

NCSF Foundation Certification

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

UNCLASSIFIED. FY 2016 Base FY 2016 OCO

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

CISO as Change Agent: Getting to Yes

Appendix 12 Risk Assessment Plan

INFORMATION ASSURANCE DIRECTORATE

How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Using Metrics to Gain Management Support for Cyber Security Initiatives

Ready, Willing & Able. Michael Cover, Manager, Blue Cross Blue Shield of Michigan

Appendix 12 Risk Assessment Plan

CyberUSA Government Cyber Opportunities for your Region: The Federal Agenda - Federal, Grants & Resources Available to Support Community Cyber

Ensuring System Protection throughout the Operational Lifecycle

Math is Hard: Compliance to Continuous Risk Management

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

Rocky Mountain Cyberspace Symposium 2018 DoD Cyber Resiliency

Advanced Cyber Risk Management Threat Modeling & Cyber Wargaming April 23, 2018

Comments Resolution 3/29/2011

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Effectively Measuring Cybersecurity Improvement: A CSF Use Case

WHITE PAPER CONTINUOUS MONITORING INTRODUCTION & CONSIDERATIONS PART 2 OF 3

Mitigating Risk with Ongoing Cybersecurity Risk Assessment. Scott Moser CISO Caesars Entertainment

Service Management. What an Acquisition Practitioner Needs to Know. Karen Gomez Defense Information Systems Agency Mission Support Division

EXABEAM HELPS PROTECT INFORMATION SYSTEMS

TEL2813/IS2621 Security Management

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

Evolving Cybersecurity Strategies

RSA Cybersecurity Poverty Index : APJ

Forecast to Industry Program Executive Office Mission Assurance/NetOps

The New Security Heroes. Alan Paller

ISACA Arizona May 2016 Chapter Meeting

Sustainable Security Operations

10/18/2016. Preparing Your Organization for a HHS OIG Information Security Audit. Models for Risk Assessment

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Top Five Secrets to Successfully Jumpstarting Your Cyber-Risk Program

K12 Cybersecurity Roadmap

Department of Management Services REQUEST FOR INFORMATION

RSA Cybersecurity Poverty Index

Continuous Monitoring & Security Authorization XACTA IA MANAGER: COST SAVINGS AND RETURN ON INVESTMENT IA MANAGER

From the Trenches: Lessons learned from using the NIST Cybersecurity Framework

Information Technology Security Plan Policies, Controls, and Procedures Identify Risk Assessment ID.RA

Testimony. Christopher Krebs Director Cybersecurity and Infrastructure Security Agency U.S. Department of Homeland Security FOR A HEARING ON

Cybersecurity Auditing in an Unsecure World

CYBERSECURITY FOR STARTUPS AND SMALL BUSINESSES OVERVIEW OF CYBERSECURITY FRAMEWORKS

Enabling Efficient, Consistent Certification and Accreditation Enterprise-Wide

Cybersecurity Presidential Policy Directive Frequently Asked Questions. kpmg.com

Building a Resilient Security Posture for Effective Breach Prevention

Integrated Cyber Defense Working Group (ICD WG) Introduction

SAC PA Security Frameworks - FISMA and NIST

NCSF Foundation Certification

National Cybersecurity Center of Excellence

MITIGATE CYBER ATTACK RISK

The NIST Cybersecurity Framework

Buyer s Guide. What you need to know before selecting a cyber risk analytics solution

HP Fortify Software Security Center

Cyber Resilience. Think18. Felicity March IBM Corporation

standards and frameworks and controls oh my! Mike Garcia Senior Advisor for Elections Best Practices

Introduction to the Federal Risk and Authorization Management Program (FedRAMP)

SIEM: Five Requirements that Solve the Bigger Business Issues

Measuring Cybersecurity Readiness: The Cybersecurity Maturity Model

Automating the Top 20 CIS Critical Security Controls

Aligning IT, Security and Risk Management Programs. Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert

SOLUTION BRIEF Virtual CISO

Designing and Building a Cybersecurity Program

NCCoE TRUSTED CLOUD: A SECURE SOLUTION

CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture (Draft)

10 Cybersecurity Questions for Bank CEOs and the Board of Directors

ISSMP is in compliance with the stringent requirements of ANSI/ISO/IEC Standard

10/12/2017 WHAT IS NIST SP & WHY SHOULD I CARE ABOUT IT? OVERVIEW SO, WHAT IS NIST?

Best Practices & Lesson Learned from 100+ ITGRC Implementations

Managed Trusted Internet Protocol Service (MTIPS) Enterprise Infrastructure Solutions (EIS) Risk Management Framework Plan (RMFP)

A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

Inspector General. Report on the Peace Corps Information Security Program. Peace Corps Office of. Background FISCAL YEAR 2017

Cyber Hygiene: A Baseline Set of Practices

Transcription:

Federal Continuous Monitoring Working Group March 21, 2011 DOJ Cybersecurity Conference 2/8/2011 4/12/2011

Why Continuous Monitoring? Case for Change Strategy Future State Current State Current State Case For Change Future State Compliance Based Methods Historical Point in Time purview into agency networks Agency leaders & security personnel unempowered in managing risk Billions spent on FISMA and C&A reporting efforts Need for a real-time purview into agency networks Need for Improve Riskbased decision making Direct positive impact on security Desire for higher ROI and improved mission execution Security Personnel & Agency Officials have real-time purview into the health of their network assets Ability to prioritize and remediate risk in a manner that directly improves agency cybersecurity posture

DHS Response Recognized the need to partner with strategic government partners to examine the feasibility of rolling out a government-wide strategy for implementation Examined multiple use case scenarios implemented at various federal civilian agencies Scalable to large complex organizations Provides a higher ROI vs. paper reports Allows for enterprise-level reporting Published CAESARS reference architecture for continuous monitoring Collaborating with NIST on the CAESARS Framework Extension Established joint FNS/ISIMC CMWG to collaboratively develop next iteration of FISMA metrics and evolve CAESARS

CMWG Representation 18 Department Level Participants Increased Agency Component & Bureau level participation

CMWG Vision Promote cross-government collaboration in the establishment of a government-wide continuous monitoring and risk scoring capability. Focus on the technology, people and process based capabilities that will enable agencies to implement this capability at the enterprise level, and enhance the overall security posture of the United States Federal Government. 4/12/2011

Continuous Monitoring Defined "Continuous Monitoring is a risk management approach to cybersecurity that maintains an accurate picture of an organization s security risk posture, provides visibility into assets, and leverages use of automated data feeds to quantify risk, ensure effectiveness of security controls, and implement prioritized remedies. -NIST SP 800-137 Draft

Goals and Objectives - Overview Goal 1: Enable Federal Agencies to implement CM/RS. Goal 2: Provide Federal Standards to allow integration of information at the Federal Level. Goal 3: Leverage Federal buying power to reduce the cost of implementing CM/RS Goal 4: Educate decision makers on the full scope of Continuous Monitoring (technology and organizational)

Continuous Monitoring Today Build capability using existing data feeds and tools Component based approach Based on a standardized reference architecture Focused on security controls in NIST SP 800-53/CAG Solutions from multiple vendors can be combined together to create a CM solution Phase in additional capabilities in a logical manner Converges with capabilities found in FISMA FY10 Auto Feed Metrics Asset Management (CPE) Configuration Management (CCE) Vulnerability Management (CVE) 8

Continuous Monitoring Evolution Future Capabilities Expanded scope of FY10 auto feed metrics Boundary Defense Audit Log Analysis Application Security Privileges Access Dormant Accounts Ports, Protocols, and Services Data Leakage Protection Others Develop a Monitoring Strategy Review and Update Establish Measures and Metrics Continuous Monitoring Process Flow NIST 800-137 Respond and Mitigate Analyze Data and Report Findings Establish Monitoring & Assessment Frequencies Implement 9

Derived Capabilities of a CM Program Maintains an accurate picture of an organization s security risk posture Provides visibility into assets Leverages automated data feeds Allows for Quantification of risk Ensures continued effectiveness of security controls Informs automated or human-assisted implementation of remediation Enables prioritization of remedies Empowers employees at multiple levels within the organization

SAIR Tier III Targeting Continuous Monitoring Tools and Services In the planning stages Looking at a strategy and alternatives that would allow products to be added as they mature Considering a series of acquisitions Collaborating across all government agencies on requirements and strategy. Possibly releasing a RFI or Draft RFQ in Q4 2011 11

More information Continuous Monitoring Working Group https://max.omb.gov/maxportal/register/group/egov.isimc.cmwg Enterprise Continuous Monitoring Capability https://www.intelink.gov/sites/gig-ia/ecmc/default.aspx

Questions?

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback