Streamline Federal Security Compliance

Streamline Federal Security Compliance: Presentation Transcript

  • Streamline Federal Security Compliance. 2:10 p.m. - 2:50 p.m. Speakers include: Jill Vaughan, CISO & Director of Information Assurance and Cybersecurity, TSA, DHS; David Otto, ITSC Configuration Management Team Manager, DOJ; Jean Delices, Endpoint Lifecycle Management System Program Manager, DOJ; Mike Paishon, IBM BigFix Technical Program Account Manager, IBM
  • Streamline Federal Security Compliance. Moderator: Michael Paishon, IBM AVP/SME for US Department of Justice. Panelists: David Otto, ITSC Configuration Management Team Manager, DOJ; Jill Vaughan, CISO, Director of Information Assurance and Cyber Security, TSA; Jean Delices, Endpoint Lifecycle Management System Program Manager, DOJ
  • Opening Thoughts: “Continuous monitoring is the backbone of true security.” - Vivek Kundra, former Federal Chief Information Officer, OMB. “If you can’t measure it, you can’t manage it.” - Dr. W. Edwards Deming
  • Federal Mandates and Requirements: FISMA (NIST); Continuous Monitoring (OMB/DHS). Continuous monitoring definition: Information security continuous monitoring is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. The objective is to conduct ongoing monitoring of the security of an organization’s networks, information, and systems, and respond by accepting, avoiding/rejecting, transferring/sharing, or mitigating risk as situations change. (NIST SP 800-137 – Initial Public Draft)
  • Framework of discussion: Challenges with functionalizing continuous monitoring; Organizational; Technical; Reaching the “edge” of the network (Mobile); Streamlining the approach; Identifying areas for improvement; Measuring vs. Securing; Evolving the approach; Stationary security is inadequate security; Security Compliance vs. Active Security
  • Q&A with: Jill Vaughan, CISO, Director of Information Assurance and Cyber Security, TSA; Jean Delices, ELMS Team Lead, DOJ; Michael Paishon, IBM AVP/SME, DOJ; David Otto, ITSC Configuration Management Team Manager, DOJ
  • For Additional Information: Visit the Agile Summit Solution Center for demonstrations of these capabilities. Ask an IBM Ambassador for additional information (case study, white paper, solution brief, etc.) related to the content shared during this session. For a follow-up discussion, complete the IBM Response Card on the table in front of you.
  • Thank You!
  • Reference Slides
  • Continuous Monitoring Capability Maturity. [Figure: capability maturity stages labelled Evolution 1, Evolution 2, Evolution 3 and Goal, with a Metric Type row.] Priorities identified; Baselines established; Measures available. Based on material developed by Kim Watson, NSA.
  • Continuous Monitoring Concepts. The Big Idea: Data feeds are aggregated and risk-analyzed up. Strategies and policies are issued down. Stove pipes are eliminated. Reporting is automated.
  • Continuous Monitoring and Automation: When possible, organizations look for automated solutions to lower costs, enhance efficiency, and improve the reliability of monitoring security-related information. Security is implemented through a combination of people, processes and technology. The automation of IT security deals primarily with automating aspects of security that require little human interaction. This includes items such as verifying technical settings on individual network endpoints, or ensuring that the software on a machine is up to date with organizational policy. This automation serves to augment the security processes conducted by security professionals within an organization. (NIST SP 800-137, p. 15 – Initial Public Draft)
  • Maturity in Functional Terms