Apr
29
From: HedgeCo.Net
Mary Beth Hamilton
Cyber-attacks are among the most pressing threats to global security. James Clapper, director of U.S. national intelligence, acknowledged these threats in a recent congressional address. His remarks emphasized the need for organizations of all types to prepare against potential intrusions, which may originate from criminal groups, governmental entities, insiders or “hacktivist” groups such as Anonymous.
Apr
22
From: FedTech
Karen Scarfone
Agencies that conduct continuous monitoring audit the security of one or more information systems or networks at all times to detect security and operational problems, including attacks and violations of agency policies. Before the advent of continuous monitoring technologies, the full security of systems was often reviewed infrequently, perhaps yearly, as part of periodic system audits. Reviewing security so rarely meant that systems were often insecure or even compromised for long periods of time before problems were detected and could be mitigated.
Apr
19
From: Computing.co.uk
By Danny Palmer
Barclays’ adoption of Splunk data insight and intelligence tools has prevented the bank from being fined for anti-compliance or worse, barred from doing business.
That is according to Stephen Gailey, group head of security services for Barclays, who made the comments during a presentation at Splunk’s “Splunk Live” conference in the City of London.
He explained how a previous poor Security Information and Event Management (SIEM) system prevented Barclays from being able to properly extract and use data.
Apr
16
From: National Defense
By Yasmin Tadjdeh
The Department of Homeland Security is increasing its cybersecurity presence by using continuous monitoring tools and improving verifying measures, said a top department official.
As part of its continuous diagnostics and monitoring program, DHS is tracking activity across its systems for anomalies and viruses, said Richard Spires, the department’s chief information officer.
“We were really moving aggressively as a government into this whole area of continuous monitoring, as we call it,” said Spires.
Apr
15
From: SearchHealthIT
Emily Huizenga, Editorial Assistant
HIPAA mandates and meaningful use audits tighten up the security rules that healthcare providers must follow. At the same time, a fledgling mHealth landscape heightens the risk of data breaches. All the while, next-generation threats to the security of patient data are beginning to emerge, forcing healthcare CIOs to take a longer, harder look at upgrading patient data security.
Healthcare organizations can recognize and potentially evade patient data security threats by using gap analysis and security information and event management (SIEM) software, as well as log management, said three security leaders during a recent eiQnetworks-hosted webinar, “Unified Situational Awareness for Compliant and Secure Healthcare.”
Apr
11
From: NIST/Information Technology Laboratory
ITL BULLETIN FOR APRIL 2013
SECURITY CONTENT AUTOMATION PROTOCOL (SCAP) VERSION 1.2
VALIDATION PROGRAM TEST REQUIREMENTS
NIST’s Information Technology Laboratory has developed validation program test requirements for SCAP version 1.2. The SCAP Validation Program tests the ability of products to use the features and functionality available through SCAP and its components. SCAP 1.2 consists of a suite of specifications for standardizing the format and nomenclature by which security software communicates information about software flaws and security configurations. The standardization of security information facilitates tool interoperability and enables predictable results among disparate SCAP-enabled security software. The SCAP Validation Program provides vendors with an opportunity to have independent verification that security software correctly processes SCAP-expressed security information and provides standardized output. Industry and government end users benefit from the SCAP Validation Program by having assurance that SCAP-validated tools have undergone independent testing and meet all requirements defined in the SCAP Validation Program Test Requirements document.
Apr
11
From: Government Technology
As an information security engineer for Charlotte, N.C., Rusty Agee is responsible for maintaining the integrity of the network for 6,500 users spread over 100 locations. He and a small team oversee traffic coming into the network from all city departments. Fire stations, police satellite buildings, utilities and solid waste facilities, the transportation department, engineering, administrative functions and more all fall under his purview.
Until recently, the city used an incident management system that satisfied state regulations for storing incident data. But the system was difficult to manage and labor-intensive when it came time to retrieve information – in short, it had outlived its useful life.
Apr
10
From: Network World
The Secure Shell (SSH) cryptographic network protocol that’s supported in software for server authentication and machine-to-machine communications is headed for a significant update.
“There will be a new version of SSH,” says Tatu Ylonen, CEO of SSH Communications Security, pointing to the IETF draft document that’s recently been made available for public review. Co-authored with others, including NIST computer scientist Murugiah Souppaya, this third version of SSH has a focus on key management and could be set by early next year.
Apr
08
Editor’s Note: The comments on NIST’s Request for Information (RFI) on the Cybersecurity Framework prepared by the Center for Regulatory Effectiveness and Multinational Legal Services, PLLC on behalf of the Cybersecurity Consortium are attached here. Below is the Executive Summary.
Federal Determination of Industry Best Practices
The Center for Regulatory Effectiveness’ (CRE’s) comments on the Cybersecurity Framework focus on a single crucial issue:
Two components which need to be included in the Framework’s process for determining Industry Best Practices are:
Apr
03
Editor’s Note: The NIST-disseminated background/overview document “Situational Awareness a New Way to Attack Cybersecurity Issues Rather Than Using a System Defense Approach” is attached here. The following is from the introduction.
The United States Army Field Manual defines “Situational Awareness” as “Knowledge and understanding of the current situation which promotes timely, relevant and accurate assessment of friendly, enemy and other operations within the battle space in order to facilitate decision making.”
What does “Situational Awareness” mean to utilities cybersecurity and critical infrastructure and key resources (CIKR)?
The answer is