5 Ways Federal CIOs Plan to Improve Security Monitoring

From: CIO

One of the leaders of Homeland Security’s Continuous Diagnostics and Mitigation program shares his strategy for deploying real-time security and situational awareness across the government.


WASHINGTON – As the federal government gradually moves to an always-on, cloud-centric IT operation, senior technology officials work to ensure that agencies’ security posture can keep pace.

The feds broadly have been trying to move beyond the days when security was a check-box, compliance-centered activity, and into an era of real-time monitoring of networks and systems.


Agencies stalk the insider threat

From: GCN

By William Jackson

With cyberspace now recognized as a military domain alongside land, sea, air and space, nations are gearing up to wage war and defend themselves with equal demonstrations of power and technology against enemies in the cyber domain.

With cyberwar comes the threat of new forms of espionage, as well as sabotage conducted within both the information systems and control systems that form the interface between the physical and cyber worlds. Security, both physical and cyber, traditionally has been outward facing. But espionage and sabotage often are the domains of the trusted insider, the agent operating from within.


Cyber Risk Dashboards: False Sense Of Control?

From: InformationWeek/Government

Federal programs promoting the use of risk dashboards can boost real-time visibility, but only if they are used correctly.

Dashboards are used throughout business and industry to provide a measure of success. A correctly designed and implemented dashboard can provide critical information to an organization about performance and risk measures in near-real time. The dashboard information should drive the organization to excel in meeting goals while minimizing risk and provide early warnings of possible problems. Dashboards are a good thing when used correctly, but how do we know if we are measuring the correct indicators?


Using CyberSecurity Analytics to Secure the Enterprise

From: Bright Talk

John Colley, Managing Director, (ISC)2 EMEA, Speaker: Josyula Rao, Senior Manager, Security Research Scientist

Over the last decade, the problem of CyberSecurity has become the most pressing and challenging security problem of our time. As CyberSecurity threats and attacks grow in frequency and the enterprise risk escalates rapidly, businesses and governments are searching for innovative technologies to combat the problem more effectively. Enterprise customers today have deployed numerous security controls including security sensors such as intrusion prevention and detection systems as well as security tooling for identity, access and audit management. These systems enable enterprises to manage their security posture, generating a multitude of event alert streams as well as logs and audit records that contain potentially actionable intelligence that today is typically neither fully mined nor available in real time. The inability to consolidate and correlate these events and data automatically at line speeds and present them to the security analyst in a semantically meaningful manner robs security analysts and administrators of a valuable tool to defend enterprise networks.


Agencies have big information gap when it comes to CDM

From: FedScoop


A new survey from the SANS Institute claims there is a lack of awareness when it comes to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program, with increased staffing, training and word-of-mouth needed for meaningful progress.

The survey, which was given to federal, state and local security professionals, found that the only people with working knowledge of the program were chief information officers, chief information security officers, chief technology officers or other high-level security directors.


Updated NIST Guide Provides Computer Security Assessment Procedures for Core Security Controls

From: NIST

The National Institute of Standards and Technology (NIST) has issued for public comment a draft update of its primary guide to assessing the security and privacy controls that safeguard federal information systems and networks. Public comments are due by Sept. 26, 2014.

NIST publishes two complementary publications that together provide its basic guidance and recommendations for ensuring data security and privacy protection in federal information systems and organizations, a role assigned to NIST under the Federal Information Security Management Act (FISMA). The publications are so famous they are generally known just by their numbers.


How to recognise the cyber insider threat

From: CIO

If people start accessing systems or the data in them more often, you may have a problem

Hamish Barwick (CIO)

Losing business to a competitor because one of your trusted employees has walked out the door with sensitive information doesn’t need to happen if you look for the signs and put controls in place, according to a panel of cyber security experts.

Cisco Australia hosted a discussion on cyber security in Sydney this week.

According to Computer Emergency Response Team (CERT) Australia’s technical director, Doctor Jason Smith, many organisations CERT Australia works with fall victim to an insider because their network is misconfigured or not monitored.