OFFICE OF VA ENTERPRISE ARCHITECTURE VA EA Cybersecurity Content Line of Sight Report April 29, 2016.


Office of VA Enterprise Architecture Working Draft – For Internal VA Use Only

Purpose and Use of the Report

Purpose – Present a pictorial overview of cybersecurity information captured in the VA EA.

Use – Provides a graphical illustration of the relationships between the integrated cybersecurity information that is discoverable in the VA EA.

The report is one of the many VA EA artifacts used to:
– Enable the identification of cybersecurity capability gaps and duplication for Planning, Programming, Budgeting and Execution (PPBE)
– Support the CIO's initiatives in discovering, managing and implementing cybersecurity policies affecting the security of VA IT infrastructure and all related physical and human assets

What Cybersecurity information is captured in the VA EA?

1. VA BRM Functions and Business Functions
2. FEA BRM Code
3. CIO's Enterprise Cybersecurity Strategy Goals
4. CIO's Enterprise Cybersecurity Strategy Objectives
5. Processes: IT Service Continuity Management Milestone (ITCSM)
   – ITCSM Create Service Continuity Capability
   – ITCSM Monitor and Assess Service Continuity
   – ITCSM Enhance IT Service Continuity Capability
   – ITCSM Manage Emergency Events
6. The National Institute of Standards and Technology (NIST) Cybersecurity Standards
7. Laws, Regulations, Policies and Directives (LRPDs)
8. Findings: 2014 VA Performance and Accountability Report (PAR)
9. Findings: OIG FISMA 2014 Audit
10. Performance Measurement ID and Name
11. Design Patterns
    – Enterprise Secure Messaging Design Pattern
    – Internal User Identity Authentication Design Pattern
    – IT Service Management Increment 1: FISMA/FICAM Material Weakness #1 & #6 Resolution Design Pattern
12. VASI System ID and Name

Enable visibility and discoverability of VA cybersecurity-related content for effective decision making.

Line of Sight Report Legend

Elements shown on each business function slide:
– VA Cybersecurity Business Function Metadata Title
– VA Cybersecurity Business Function Metadata Description
– VA Cybersecurity BRM Function
– VA Cybersecurity BRM Business Functions
– VA Cybersecurity BRM Business Function Description
– VA CIO's Enterprise Cybersecurity Strategy Goals and Objectives
– FEA Business Reference Model v3.1 Service Code
– Hyperlinks to comprehensive NIST Standards and LRPDs
– Hyperlinks to Cybersecurity Findings and Material Weaknesses
– VASI System ID
– VASI System Name

Manage Data Integrity and Privacy

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Manage Data Integrity and Privacy
(The business functions under Provide Cyber Information Security Services, each covered on its own slide, are: Manage Data Integrity and Privacy; Manage Identification, Authentication and Access; Manage Data Protection and Cryptography; Respond to IT Security Incidents; Monitor IT Security Controls; Capture and Analysis of Audit Trails; Certify and Accredit IT Systems, Applications and Devices; Perform IT Service Continuity Management; Manage Threats and Vulnerabilities.)

Description: Manage Data Integrity and Privacy involves the coordination of data collection, storage, dissemination, and destruction as well as managing the policies, guidelines, and standards regarding data management, so that data quality is maintained and information is shared or available in accordance with the law and best practices.

Enterprise Cybersecurity Goals:
– Goal 1: Protecting Veteran Information and Data

Enterprise Cybersecurity Objectives:
– Objective A: Provide secure access and assure privacy protections
– Objective B: Incorporate security and privacy protections in VA's environment

FEA Service Code: 317

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6502: VA Enterprise Privacy Program
– Web Page Privacy Policy
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)
– Reducing the Use of Social Security Numbers
– 6508: Implementation of Privacy Threshold Analysis and Privacy Impact Assessment
– 6509: Duties of Privacy Officers
– 6511: Presentations Displaying Personally-Identifiable Information
– 6517: Cloud Computing Services
– 6515: Use of Web-Based Collaboration Technologies
– 6518: Enterprise Information Management (EIM)
– 6600: Responsibility of Employees and Others Supporting VA in Protecting Personally Identifiable Information (PII)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 180: Percent of users required to use a Personal Identity Verification (PIV) card to authenticate

Design Patterns:
– Enterprise Secure Messaging Design Pattern

VASI System (ID and Name):
– 1124: Common Security System
– 1463: VistA - Patient Data Exchange
– 1524: Portal for Electronic Third-party Insurance Recovery
– 1767: VHA Support Service Center National SSN Security Database
– 2015: Common Security Applications Manager
– 2017: Common Security User Manager

Manage Identification, Authentication and Access

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Manage Identification, Authentication and Access

Description: Manage Identification, Authentication and Access defines the set of capabilities to support obtaining information about those parties attempting to log on to a system or application for security purposes and the validation of those users.

Enterprise Cybersecurity Goals:
– Goal 1: Protecting Veteran Information and Data

Enterprise Cybersecurity Objectives:
– Objective A: Provide secure access and assure privacy protections

FEA Service Code: 648

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)
– Secure Wireless Technology

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 136: Percent of encrypted devices (Laptops)

Design Patterns:
– Enterprise Secure Messaging Design Pattern

VASI System (ID and Name):
– 1124: Common Security System
– 1257: Fat-client Kernel Authentication & Authorization Tool
– 1510: VistA - Person Services Identity Management
– 2017: Common Security User Manager
– 2030: Electronic Computer Access Request

Manage Data Protection and Cryptography

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Manage Data Protection and Cryptography

Description: Manage Data Protection and Cryptography defines the set of capabilities to support the use and management of ciphers, including encryption and decryption processes, to ensure confidentiality and integrity of data.

Enterprise Cybersecurity Goals:
– Goal 1: Protecting Veteran Information and Data

Enterprise Cybersecurity Objectives:
– Objective A: Provide secure access and assure privacy protections

FEA Service Code: 650

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)
– Secure Wireless Technology

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 136: Percent of encrypted devices (Laptops)

Design Patterns:
– Enterprise Secure Messaging Design Pattern

VASI System (ID and Name):
– 1002: Access Manager
– 1124: Common Security System
– 1257: Fat-client Kernel Authentication & Authorization Tool
– 1767: VHA Support Service Center National SSN Security Database
– 2015: Common Security Applications Manager
– 2016: Common Security Employee Manager
– 2017: Common Security User Manager
– 2030: Electronic Computer Access Request

Respond to IT Security Incidents

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Respond to IT Security Incidents

Description: Respond to IT Security Incidents defines the set of capabilities to provide active response and remediation to a security incident that has allowed unauthorized access to a government information system.

Enterprise Cybersecurity Goals:
– Goal 2: Defending VA's Cyberspace Ecosystem

Enterprise Cybersecurity Objectives:
– Objective B: Respond rapidly to cyber threats and intrusions through timely network monitoring and detection
– Objective C: Recover rapidly from cyber incidents through effective response, resilience and restoration plans

FEA Service Code: 654

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 69: Number of Security Incidents
– 70: Percent reduction in events requiring credit protective services/notifications

VASI System (ID and Name):
– 2046: BMC Remedy

Monitor IT Security Controls

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Monitor IT Security Controls

Description: Monitor IT Security Controls includes all activities related to the real-time monitoring of security controls employed within or inherited by a system (see Appendix G of the NIST Special Publication referenced in the original).

Enterprise Cybersecurity Goals:
– Goal 1: Protecting Veteran Information and Data
– Goal 2: Defending VA's Cyberspace Ecosystem

Enterprise Cybersecurity Objectives:
– Objective A: Provide secure access and assure privacy protections
– Objective D: Manage risk via continuous monitoring, detection and diagnostics, intelligence sharing, accelerated adoption of lessons learned and mitigations

FEA Service Code: 316

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)
– Secure External Connections
– 6500: Managing Information Security Risk: VA Information Security Program

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 181: Percent of external network traffic passing through a Trusted Internet Connection (TIC)

VASI System (ID and Name):
– 2050: Tenable Nessus

Capture and Analysis of Audit Trails

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Capture and Analysis of Audit Trails

Description: Capture and Analysis of Audit Trails defines the set of capabilities to support the identification and monitoring of activities within an application, system, or network.

Enterprise Cybersecurity Goals:
– Goal 2: Defending VA's Cyberspace Ecosystem

Enterprise Cybersecurity Objectives:
– Objective A: Enhance timely detection of cyber threats and intrusions and situational awareness

FEA Service Code: 316

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 69: Number of Security Incidents

Design Patterns:
– Internal User Identity Authentication Design Pattern
– Enterprise Secure Messaging Design Pattern
– External User Authentication Design Pattern

VASI System (ID and Name):
– 1002: Access Manager
– 2030: Electronic Computer Access Request
– 2049: SPLUNK

Certify and Accredit IT Systems, Applications and Devices

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Certify and Accredit IT Systems, Applications and Devices

Description: Certify and Accredit IT Systems, Applications and Devices defines the set of capabilities to support the certification and accreditation (C&A) of federal information systems, applications and devices, as described in the NIST SP referenced in the original.

Enterprise Cybersecurity Goals:
– Goal 3: Protecting VA Infrastructure and Assets

Enterprise Cybersecurity Objectives:
– Objective A: Prioritize identification and protection of high value assets and sensitive information
– Objective B: Incorporate security and privacy protections in VA's environment

FEA Service Code: 656

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 72: Percent of IT systems formally approved for secure operations
– 136: Percent of users required to use a Personal Identity Verification (PIV) card to authenticate
– 182: Percent of required TIC capabilities implemented by TIC(s) used by the organization

VASI System (ID and Name):
– 2032: Risk Vision - Governance, Risk and Compliance System
– 2050: Tenable Nessus

Perform IT Service Continuity Management

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Perform IT Service Continuity Management

Description: Perform IT Service Continuity Management defines the set of capabilities to ensure that agreed-upon IT services continue to support business requirements in the event of a disruption to the business.

Enterprise Cybersecurity Goals:
– Goal 2: Defending VA's Cyberspace Ecosystem

Enterprise Cybersecurity Objectives:
– Objective D: Manage risk via continuous monitoring, detection and diagnostics, intelligence sharing, accelerated adoption of lessons learned and mitigations
– Objective C: Strengthen business process and supporting technology including partner and third party interactions

Processes (IT Service Continuity Management Milestone (ITCSM) Level Process):
– ITCSM Create Service Continuity Capability
– ITCSM Monitor and Assess Service Continuity
– ITCSM Enhance IT Service Continuity Capability
– ITCSM Manage Emergency Events

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 145: Percent of facilities with completed/updated site security plan within the last 12 months
– 195: Percent of facilities with completed/updated risk assessment within the last 12 months
– 201: Percent of facilities with completed Incident Response Plan (IRP)

Design Pattern:
– IT Service Management Increment 1: FISMA/FICAM Material Weakness #1 & #6 Resolution Design Pattern (hyperlink)

VASI System (ID and Name):
– 1524: Portal for Electronic Third-party Insurance Recovery (PETIR)

Manage Threats and Vulnerabilities

VA BRM Function: Provide Cyber Information Security Services
VA BRM Business Function: Manage Threats and Vulnerabilities

Description: Manage Threats and Vulnerabilities involves all functions pertaining to the protection of federal information and information systems from unauthorized access, use, disclosure, disruptions, modification, or destruction, as well as the creation and implementation of security policies, procedures and controls. It includes all risk and controls tracking for IT systems.

Enterprise Cybersecurity Goals:
– Goal 2: Defending VA's Cyberspace Ecosystem

Enterprise Cybersecurity Objectives:
– Objective A: Enhance timely detection of cyber threats and intrusions and situational awareness

FEA Service Code: 315

NIST Standards: (hyperlink)

Laws, Regulations, Policies and Directives (LRPDs):
– 6504: VA Directive 6504 (rescinded by VA Handbook 6500)

Findings: 2014 VA Performance and Accountability Report (PAR) (hyperlink)
Findings: OIG FISMA 2014 Audit (hyperlink)

Performance Measurement ID and Name:
– 225: Number of critical and high vulnerabilities identified and mitigated within 30 days
– 226: Number of unauthorized software found and removed within the last 30 days

VASI System (ID and Name):
– 1009: AITC Physical Security
– 2050: Tenable Nessus
– 2066: National Vulnerability Database Repository Tool