From: Telos
Nov 30
CyberScope and Continuous Monitoring: Looking Ahead
Nov 28
Situational Awareness Incident Response (SAIR) Tier III Project
The Department of Homeland Security has published a Request for Information (RFI) that requests industry feedback on existing Government product performance requirements involving the Situational Awareness Incident Response (SAIR) Tier III project. The objective of SAIR Tier III is to provide U.S. Government (USG) agencies the ability to assess, assure, monitor, and measure the security posture of their information technology (IT) assets in a timely manner (i.e., near-real time). This RFI provides an opportunity for respondents to submit their ideas and initiatives related to this request. Additionally, respondents will have the opportunity to comment on the draft product performance requirements for SAIR III listed on Attachment 2.
Nov 23
Protecting the mobile environment
From: FederalNewsRadio.com 1500AM
In the VA, there are a reported 100,000 mobile devices.
Marketing analysts predict that 55 million tablets will be sold this year.
The concept of “Bring Your Own Device” (BYOD) is beginning to plague federal IT professionals whose job is to maintain a safe and secure environment.
On today’s show, Tom Kellerman, the CTO at Air Patrol Corporation, shares with listeners his thoughts on wireless situation awareness, managing the mobile risk, as well as continuous monitoring.
Protecting the mobile environment means more than guarding against theft, sniffing, malicious code, and direct attack.
Nov 18
Cyber opportunities are hot in 2012
From: Washington Technology
The 2012 Federal IT budget request is $80.9 billion, with most federal IT spending requests slightly ahead of 2011 levels. Priorities include telework and mobile computing as well as cloud computing and virtualization. Yet, according to a recent federal IT budget briefing covered in Washington Technology magazine at the end of October, significant risks are associated with mobile computing and cloud-based applications. For that reason, cyber security will continue to top federal IT technology spending trends.
Nov 09
Federal agencies reduce cybersecurity risk through continuous monitoring
From: InfoSecurity.com
Continuous monitoring helps federal agencies “dramatically reduce risk”, observed Keren Cummins, director of federal markets for nCircle.
Cummins looked at three federal agencies – the State Department, US Agency for International Development (USAID), and the Center for Medicare and Medicaid Services (CMS) – that were able to use continuous monitoring to reduce cybersecurity risk.
For example, the State Department was able to reduce risk by 89% in the first 12 months of its continuous monitoring program; USAID was able to raise its Federal Information Security Management Act (FISMA) grade from C– to A+ in five years; and CMS was able to reduce risk at 88 data centers by 80%.
Nov 04
Government’s Cloud Audit Program Falls Behind Schedule
From: ThreatPost
In a speech on Wednesday, Federal Chief Information Officer Steven VanRoekel said that a federal plan for qualifying and providing security audits on private sector cloud providers will become mandatory for any agency that wants to contract with third-party cloud providers, according to a report on GovInfoSecurity.com. But even as the U.S. federal government forges ahead with plans to shift a quarter of its IT spending to cloud-based services, efforts to launch that program – the Federal Risk and Authorization Management Program (FedRAMP) – are falling way behind schedule, according to a GAO report.
Nov 03
Federal CIO says FedRAMP to be mandatory
From: GCN
By Rutrell Yasin
The Federal Risk and Authorization Program will eventually be a mandatory path as federal agencies move to the cloud, federal CIO Steve VanRoekel told a government and industry audience at the National Institute of Standards and Technology campus. And FedRAMP will help make agencies more secure in the cloud than they are today.
“FedRAMP in the very near future is really a starting point,” VanRoekel said during a speech at the NIST Cloud Computing Forum & Workshop IV in Gaithersburg, Md., Nov. 2. “We envision FedRAMP as a living initiative,” VanRoekel said in the second speech he has given since taking the reins of the federal CIO office.