continuous monitoring

Telos Corporation CEO John Wood joins host John Gilroy on this week’s Federal Tech Talk to discuss IT security and how his company can help federal agencies make a secure transition to the cloud. June 12, 2018

When it comes to continuous monitoring for cybersecurity – and its companion strategy of continuous diagnostics and mitigation – federal agency practitioners need to be realistic about how they apply the words “monitoring” and “continuous.”

Current and former intelligence community officials say they’re not getting the buy-in they need from their top leadership — or the guidance they need to use begin using social media — in their insider threat and security clearance programs.

The White House issued the draft version of Circular A-130 updating the 15-year-old policy, specifically with a host of new definitions and requirements for protecting networks and systems.

Brian Marvin, vice president Sales, Public Sector, BMC, joins host John Gilroy to discuss how his company can help agencies achieve their IT goals. July 21, 2015

Dave Bennett, DISA’s chief information officer, said the agency is beginning to implement a new approach to cybersecurity. He said the continuous monitoring risk scoring system (CMRS) looks at a variety of factors to give the agency a score based on a set of predetermined analytics.

Cybersecurity within the Commerce Department has traditionally been overseen and managed by its 14 individual bureaus. Those agencies will still operate their own IT systems, but a new Commercewide oversight center will aggregate all information about the department’s vulnerabilities into a single dashboard to be used by senior management.

The Homeland Security Department has reviewed about 18 new or improved cybersecurity tools or technologies that may be added to the continuous diagnostics and mitigation program (CDM). John Streufert, the director of Federal Network Resilience at National Protection and Programs Directorate in DHS, said CDM is not delayed and on track to deliver results.

Despite steps forward, agencies fell short of their 2014 targets for cybersecurity. The Obama administration is pushing chief information officers to focus on priorities of continuous monitoring, phishing and malware, and authorization processes for 2015, according to the newly released cross-agency priority goals on Performance.gov.

The comply-to-connect initiative is about removing much of the people challenges by automating the software patching and updating the cyber processes in real time.