continuous monitoring

Learn more in today’s cybersecurity update.

More and more agencies are gearing up to deploy continuous monitoring as a means of complying with FISMA. What is it, and will it come to your agency soon?

Host Tom Temin talks with Jerry Davis, the chief information security officer for NASA. July 1, 2010

As more and more federal agencies and companies in the private sector ramp up their use of both private and public clouds, the Fed Cloud Blog thought it would be interesting to look at potential pitfalls they should try to avoid. Lucky for us, Information Week has put together a list of ways companies can […]

OMB mandated departments implement continuous monitoring of their cyber networks by 2012. Part of meeting that goal is understanding what hardware and software currently reside on the computing backbone.

Despite a 2006 mandate to secure mobile devices and implement two-factor authentication, only just over half of federal agencies have managed to do so. OMB submits its annual FISMA report to Congress detailing the steps the government has taken to improve cybersecurity, including spending $12 billion on cybersecurity last year.

Immigration and Customs Enforcement received a score of 95 on its FISMA report card in 2011. Jeff Eisensmith, the ICE CISO, said the agency is implementing continuous monitoring and increasing the training of its employees.

Deputy secretaries now get quarterly scorecards on how their agency is meeting four IT security priorities, including continuous monitoring of agency networks and secure identity cards. Howard Schmidt, the White House cyber coordinator, said the goal is to increase accountability and make sure agencies are putting enough focus on these areas. Schmidt said he is also developing priorities for 2012, which includes getting cybersecurity legislation passed.

Homeland Security releases policy and guidance on how departments and vendors will implement continuous monitoring and get away from static reports on the cyber health of their systems. DHS is hoping Congress approves a $200 million funding request to buy five different commercial cyber tools, a dashboard and a security data warehouse in 2013.

The agency turns to teams of experts to review how departments are meeting the Trusted Internet Connections (TIC) initiative. DHS plans to expand the use of Blue Teams to the implementation of continuous monitoring and two-factor authentication under Homeland Security Presidential Directive-12.