Security Industry Vies for Federal Network Monitoring Contracts

From: eWeek

By Robert Lemos

The push to improve security at federal agencies could mean as much as $6 billion for security firms that win the coveted contracts.

The U.S. government’s push to improve the security of its civilian, intelligence and military agencies has attracted enormous interest from the security industry, with almost two dozen teams of companies competing for a piece of a $6 billion budget over the next five years for deploying systems that will continuously monitor the security status of networks and systems.


Feds Take A Leadership Role Toward Self-Defending Networks

From: Network World

Push for standards, continuous monitoring, and security automation may encourage industry and commercial sector collaboration and support

Jon Oltsik

Around 2005, Cisco coined the term “self-defending networks” and used it to market products like Cisco PIX and Catalyst IDS blades. By 2007, the marketing brain trust at Cisco had moved on in another direction, adopting another grand theme for network security.


Deputy federal CIO outlines future priorities

From: FCW

By Frank Konkel

With Federal CIO Steven VanRoekel called away on White House business, Deputy CIO Lisa Schlosser stepped in to talk about federal IT priorities via Skype at the ACT-IAC Management of Change 2013 conference in Cambridge, Md.

Her message, similar to those VanRoekel has delivered recently, centered on increased innovation, improved cyber and information security, a CIO Council-led effort to implement continuous monitoring in the federal space, and cost-cutting measures such as strategic sourcing and shared services.


Threats and Opportunities Growing in Cybersecurity

From: National Defense Magazine

By Tim Larkins

The federal government will spend about $10 billion on cybersecurity in fiscal  year 2013. That number could grow to $13 billion in fiscal year 2014.  For most federal agencies, cybersecurity is one hot-button issue that will not soon  disappear. Determining what to defend against will play a large role in how much  money the government must allocate toward cybersecurity.


Funding DHS Cybersecurity Initiatives


House Panel Places Few Limits on How Money Could Be Spent

By Eric Chabrow

A House Appropriations Committee bill would give the Department of Homeland Security $24 million less for cybersecurity than President Obama seeks. But it would provide the administration lots of flexibility in how to spend the money.

The legislation, which cleared the panel May 16 and goes to the full House, would earmark $786 million for cybersecurity operations in fiscal year 2014, which begins Oct. 1. This figure represents a 4 percent increase over current spending levels and includes nearly $200 million for a federal network security program housed at DHS. That initiative is aimed to assist other agencies in providing adequate, risk-based and cost-effective cybersecurity, which includes the acquisition and operation of continuous monitoring and diagnostic software.


Continuous Monitoring as a Service Award on the Horizon

From: GovWin/Deltek

by Kyra (Kozemchak) Fussell

Improved cybersecurity was called out as one of three administrative priorities for FY 2014. Agencies have been inching towards cybersecurity targets, and an upcoming award may ease agency pains of implementing continuous monitoring solutions.
As described in the 2012 FISMA report, continuous monitoring covers three categories: assets, configuration and vulnerability. According to the report, all CFO Act agencies demonstrated the ability to successfully report data feeds to Cyberscope. While agency implementation of automated continuous monitoring increased in FY 2012, 7 out of 24 civilian agencies did not have monitoring programs in place.



Hacking Higher Education

From: InformationWeek/Education

The cybersecurity challenge on college campuses lies as much with the students as with malicious outsiders.

David F. Carr

When a faculty member at Miami University in Oxford, Ohio, logged in to the university’s grade book last fall, she realized something was wrong: The grades in the online system didn’t match her paper records. She was alert enough to see this was no mere glitch.


Is ‘fear the auditor’ holding back real IT security?

From: GCN

By William Jackson

Leo Scanlon, chief information security officer of the National Archives and Records Administration, has an information security question for federal CIOs: “Are you satisfied that where you are is good enough? Do you understand the risk?”

Too often, he says, federal C-level officials do not know if their security is adequate because they do not understand the risks they face and what the risk tolerance of their agencies should be. And too often, they are content to remain that way.


APTs: the imperative for active monitoring


By: Fran Howarth

Every year, I search for a common theme at Infosec Europe, but this year it was not so immediately obvious. There were no large clouds hanging above the exhibition hall and many of the largest vendors were absent, their places taken by innovative start-ups.

Yet, under the covers, there were two major themes that many of the vendors that I spoke to talked about—APTs (Advanced Persistant Threats) and the need for continuous monitoring. In fact, these two things go hand in hand.


Risk and Compliance: The Yin and Yang of Security

From: TechNewsWorld

By Joe Fantuzzi & Torsten George

Regulations and mandates — whether they’re from government or industry — are important aspects of ensuring security within organizations. However, there is more to the battle to lock down information in a Big Data world. Compliance should play a supporting role within a framework driven by risk assessment, continuous monitoring, and closed-loop remediation.

Mushrooming industry and government mandates that govern IT security have led to a highly regulated environment and annual compliance fire drills. Compliance, however, does not necessarily equal better security.

Older posts «