Oct 29

CDM contracts could open door to more efficient security monitoring

From: FCW

By Mark Rockwell

Federal officials and technologists who pushed to advance continuous monitoring cybersecurity capabilities are hoping the awarding of 17 continuous diagnostics and mitigation contracts this summer is the beginning of more efficient — and less expensive — IT operations for federal, state and local agencies.

“CDM can change the way government does security,” said Mark Weatherford, former deputy undersecretary for cybersecurity at the Department of Homeland Security. Weatherford joined a group of current and ex-DHS officials at an Oct. 29 Chertoff Group event who said the blanket purchase agreements awarded this past summer to 17 vendors could allow agencies to save billions in labor costs, as well as provide better security information.

Oct 24

Security tool delivers surprise insights to Domino’s Pizza

From: Network World

Imaginative use of Splunk Enterprise SIEM lets Domino’s track online coupon use

By Ellen Messmer

Marketers at Domino’s Pizza are gaining new and more immediate insights into online coupon usage from an unexpected source: a security management tool used by the national chain’s IT department.

The Splunk Enterprise security information-and-event management (SIEM) tool that Domino’s IT department started using earlier this year was intended to simply log data as part of system monitoring, says Russ Turner, Domino’s manager of site reliability engineering. And Splunk Enterprise has been logging about 30GB of data per day.

Oct 17

DHS Continuous Diagnostics and Mitigation Implementation Plans: FY ’14

Editor’s Note: The DHS OIG’s Annual Performance Plan for Fiscal Year 2014 is available here. In the brief excerpt below, the Office of Management’s Information Technology Division discusses plans for Continuous Diagnostics and Mitigation Implementation.

Continuous Diagnostics and Mitigation Implementation

ITD will take action to reduce cyberspace risks in our offices and DHS at large, in part, by increasing our knowledge about IT assets on the network, as well as reducing vulnerabilities present in DHS OIG systems. We plan to install continuous diagnostics and mitigation tools in the first quarter of FY 2014, and establish a strong patching and vulnerability management process in the second quarter based on government‐wide and industry best practices. The performance indicators for this project are FY 2014 FISMA performance metrics and implementing proactive IT security processes.

Oct 16

Feds Tackle Continuous Monitoring

From: BankInfoSecurity.com

$6 Billion Initiative Addresses Holes in Federal, State Systems

By Jeffrey Roman

In the next five years, the federal government will work to centralize for civilian agencies’ networks a way to identify cyberflaws and employ continuous monitoring tools to remediate them, the Department of Homeland Security’s John Streufert says.

The DHS initiative, known as the Continuous Diagnostic and Mitigation program, offers federal, state and local government agencies the ability to purchase discounted hardware, software and services to assess risks and present those risks in a continuously updated dashboard.

Oct 14

Biggest data security threats come from inside, report says

From: PCWorld

By Grant Hatchimonji, CSO

While threats to data security and privacy are often perceived to come from the outside, all signs point to internal threats being just as dangerous, intentional or not.

Forrester recently released its Understand the State of Data Security and Privacy report, which offered insight on the reasons behind data breaches, with internal threats emerging as the leading cause. The survey—which featured respondents from Canada, France, Germany, the U.K., and the U.S. from companies with two or more employees—also covered other topics, including how security budgets are being allocated and the changing landscape of security teams’ responsibilities.

Oct 08

Insider Attacks Are a Growing Threat

From: Baseline

The risk of internal security breaches is more prevalent than ever, and enterprises must adopt stringent security measures to protect their systems and data

By Samuel Greengard

Despite a persistent stream of news reports focusing on hacking, spying and cyber-crime, the biggest threat resides within the enterprise, according to a recent report, “The Ominous State of Insider Threats” from Enterprise Strategy Group and data security provider Vormetric. Overall, 54 percent of enterprise executives at large and midsize organizations believe it is more difficult to detect and prevent insider attacks today than it was in 2011. Moreover, 46 percent report that—despite a growing array of security tools, processes and resources—they are more vulnerable than ever to an insider attack.

Oct 02

Next steps in security automation

From: GCN

By William Jackson

Building on the success of the U.S. government’s Security Content Automation Protocol (SCAP), an Internet Engineering Task Force working group is developing international standards for automating the job of assessing and monitoring the security of IT systems.

Automation is seen as essential to improving cybersecurity, and ensuring that tools from different vendors can work together in a global online environment requires industry standards. The National Institute of Standards and Technology, together with the Homeland Security Department and the National Security Agency, began the process with SCAP, a suite of interoperable specifications for conveying security information that vendors to government agencies must comply with. The working group is expanding that limited set of specs for international use.