
1 Continuous Monitoring Proprietary Information of SecureInfo ® Corporation © 2011 All Rights Reserved.


Slide 1: Continuous Monitoring
Proprietary Information of SecureInfo® Corporation © 2011. All Rights Reserved.

Slide 2: Agenda
- Current State of Continuous Monitoring
- Continuous Monitoring Defined
- FedRAMP Status
- Continuous Monitoring Solutions
- Top 10 Lessons Learned

Slide 3: FISMA Continuous Monitoring Today
1. "Annual" systems inventory
2. "Annual" testing
3. C&A every "three" years
4. Weaknesses "Quarterly"
5. Train "once a year" (awareness)

Slide 4: Continuous Monitoring Tomorrow
1. "Daily" awareness training
2. Inventory improvements
3. Daily, not "Annual", testing
4. C&A technical controls x 72
5. "Daily" weakness updates
6. Configuration Management
7. Incident Reporting

Slide 5: Strong Demand for Ideas
Continuous Monitoring / RMF Webinar
- SecureInfo sponsored and moderated
- 400+ attendees from public/private sector
- Closed all available seats in less than a month

Slide 6: Continuous Monitoring Defined
Source: NIST 800-137 IPD

Slide 7: Continuous Monitoring Domains
- All controls are NOT required
- Define your own frequencies for monitoring controls
- 800-137 provides guidance on controls by domain

Slide 8: Continuous Monitoring Simplified
- Rules engine correlates data to standards (NIST 800-53, or your own)
- Inputs: Assessment Data, Compliance Data, Asset Data
- If 5 out of 10 requirements are compliant, your score is 50%
- Drill down into Scorecards & Reports
- My Tasks

Slide 9: FedRAMP
- Federal Agencies / Outsourced Systems
- FedRAMP Risk Management: Authorization, Continuous Monitoring, Federal Security Requirements
- A government-wide initiative to provide joint authorizations and continuous security monitoring services
- Unified government-wide risk management
- Agencies would leverage FedRAMP authorizations
Source: FedRAMP Exec Briefing

Slide 10: Recommendations to FedRAMP
Recommended controls to be represented via Continuous Monitoring for Low impact cloud systems (116 controls):
1. CM-6 Configuration Settings
2. CM-8 Information System Component Inventory
3. RA-5 Vulnerability Scanning
4. SI-2 Flaw Remediation
5. SI-3 Malicious Code Protection
Recommended controls to be represented via Continuous Monitoring for Moderate impact cloud systems (297 controls):
1. AU-2 Auditable Events
2. CM-6 Configuration Settings
3. CM-8 Information System Component Inventory
4. IR-5 Incident Monitoring
5. IR-6 Incident Reporting
6. RA-5 Vulnerability Scanning
7. SI-2 Flaw Remediation
8. SI-3 Malicious Code Protection
9. SC-7 Boundary Protection
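The scoring rule on slide 8 (compliant requirements divided by total requirements), the organisation-defined monitoring frequencies on slide 7, and the Low-impact control set on slide 10 fit together in a small rules engine. The following is an added example, not SecureInfo's product or any FedRAMP tooling; the assessment records, the frequency windows and the "as of" date are constructed, and a requirement is assumed to be one (control, asset) pair, with stale or missing evidence counted as non-compliant.

```python
from datetime import date

# Low-impact controls recommended for continuous monitoring on slide 10.
LOW_IMPACT_CONTROLS = ["CM-6", "CM-8", "RA-5", "SI-2", "SI-3"]

# Organisation-defined monitoring frequencies in days (assumed values, per
# slide 7). Evidence older than the window is no longer "continuous" and is
# treated as non-compliant until the control is re-checked.
FREQUENCY_DAYS = {"CM-6": 7, "CM-8": 7, "RA-5": 30, "SI-2": 7, "SI-3": 1}

# Constructed assessment data correlated to asset data: one record per
# (control, asset) with the date the evidence was last collected.
ASSESSMENTS = [
    {"control": "CM-6", "asset": "web-01", "compliant": True,  "collected": date(2011, 5, 30)},
    {"control": "CM-6", "asset": "web-02", "compliant": False, "collected": date(2011, 5, 30)},
    {"control": "RA-5", "asset": "web-01", "compliant": True,  "collected": date(2011, 3, 1)},
    {"control": "RA-5", "asset": "web-02", "compliant": True,  "collected": date(2011, 5, 29)},
    {"control": "SI-2", "asset": "web-01", "compliant": True,  "collected": date(2011, 5, 31)},
    {"control": "SI-3", "asset": "web-02", "compliant": False, "collected": date(2011, 5, 31)},
]
AS_OF = date(2011, 6, 1)  # constructed scoring date


def is_compliant(record, as_of, frequency_days):
    """A record counts only if it reports compliant AND is within its window."""
    max_age = frequency_days.get(record["control"], 30)
    age_days = (as_of - record["collected"]).days
    return record["compliant"] and age_days <= max_age


def score(records, required_controls, as_of, frequency_days=FREQUENCY_DAYS):
    """Return (percentage score, per-control (compliant, total) counts).

    Every required control must have fresh, compliant evidence for every
    known asset; a control with no record for an asset scores 0 for it.
    """
    assets = sorted({r["asset"] for r in records})
    evidence = {(r["control"], r["asset"]): r for r in records}
    total = compliant = 0
    per_control = {}
    for control in required_controls:
        ok = 0
        for asset in assets:
            total += 1
            rec = evidence.get((control, asset))
            if rec is not None and is_compliant(rec, as_of, frequency_days):
                ok += 1
        compliant += ok
        per_control[control] = (ok, len(assets))
    return round(100 * compliant / total, 1), per_control
```

With the constructed data, RA-5 on web-01 is compliant but 92 days old, so it drops out of the score; the per-control counts are what a scorecard drill-down (slide 8) would display.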

Slide 11: CAESARS
Continuous Asset Evaluation, Situational Awareness, and Risk Scoring Reference Architecture Report

Slide 12: iPOST
- Remedy
- CiscoWorks
- HP OpenView
- Tavve PreView
- Microsoft SMS
- Niksun NetOmni
- Tenable Security Center
- NetIQ AppManager & SecurityManager

Slide 13: In the Commercial Sector: Microsoft
Source: Global Foundation Services, "Information Security Management in the Cloud"

Slide 14: (image only; no transcript text)

Slide 15: Top 10 Lessons Learned
1. Identify a pilot group/department to use that represents a good cross section of your organization
2. Validate systems of record for your data sources
3. Verify data accuracy and "cleanliness" for analysis and reporting purposes
4. Develop questionnaires that are consumable in less than 15 minutes
5. Identify common keys for your data source linkages

Slide 16: Top 10 Lessons Learned (Continued)
6. Use Web Services and common data formats as much as possible (reduce batch jobs)
7. Define your key performance indicators & report metrics that are trackable automatically
8. Baseline pilot and enterprise deployments & track variances in parallel
9. Request review from peers at other organizations & form an internal steering committee of key stakeholders
10. Have a backup plan to generate the data manually should an issue arise with your automated system

Slide 17: Questions?

Slide 18: Contact Information
Yong-Gon Chon, SVP & Chief Technology Officer, SecureInfo Corporation
703-245-9753 (work)
703-981-2624 (mobile)
703-245-8442 (fax)
www.secureinfo.com

