NIST SP 800-137

From: CIO

Continuous Diagnostics and Mitigation program would bolster federal continuity, as well as boost security practices at state, local level.

By Antone Gonsalves

CSO— Plans for a $6 billion federal shopping hub to help government agencies protect their unclassified networks from cyberattacks sparked optimism among experts who believed the program could significantly improve security.

Editor’s Note:  A highly influential study which recommended updates to OMB Circular A-130 is discussed here.

From: Federal Times

By ANDY MEDICI

The Office of Management and Budget is drafting a memo to come out by the end of the year that will give agencies greater flexibility when it comes to monitoring and authorizing information systems as secure, according to agency officials.

The memo will allow agencies to move away from having to reauthorize an information system every three years as mandated by the Federal Information Security Management Act, according to Ron Ross, senior computer scientist at the National Institute of Standards and Technology.

From: Securosis

We have discussed why continuous security monitoring is important, how we define CSM, and finally how you should be classifying your assets to figure out the most appropriate levels of monitoring. Now let’s dig into the problems you are trying to solve with CSM. At the highest level we generally see three discrete use cases:

• Attacks: This is how you use security monitoring to identify a potential attack and/or compromise of your systems. This is the general concept we have described in our monitoring-centric research for years.

From: Bloomberg

By Chris Strohm & Danielle Ivory

The U.S. Department of Homeland Security plans to create a $6 billion shopping hub for federal, state and local agencies seeking to shield their computer networks from hackers.

Contracts for what may become the biggest unclassified cybersecurity program in the U.S. government will be awarded as early as this month.

The agreement has attracted interest from dozens of companies seeking opportunities in a $512 billion federal contracting market that is shrinking with the wars’ end and U.S. budget cuts. The list of bidders includes top contractors such as Lockheed Martin Corp. (LMT), Northrop Grumman Corp. (NOC) and SAIC Inc. (SAI)

From: FedTech

Follow this advice to maintain awareness of system security and advancing threats.

From: FierceCIO

One on one with Tenable CEO Ron Gula: Basic guidelines and continuous monitoring  yield better risk management

By Paul Mah

It seems like every other day now we either hear about the discovery of  another software vulnerability, or of a new security compromise in a large  organization. So is there any way at all that hackers can be kept out of  corporate networks?

While there are things that enterprises could be better at, they aren’t as  bad as they seem, says Ron Gula, founder and CEO of Tenable  Network Security. Tenable is the maker of the Nessus  vulnerability scanner, and Gula himself is an engineer with extensive  experience consulting with Fortune 200 companies.

From: FederalNewsRadio.com

Inside the Reporter’s Notebook: DHS cyber contract awards delayed; musical chairs in federal IT ranks

By Jason Miller

Vendors and agencies alike will have to wait a few extra weeks, at least, before they can dig into the $6 billion continuous diagnostic and mitigation tools and continuous-monitoring-as-a-service contracts.

Vendor sources confirm the Homeland Security Department has delayed the awards under the request for proposals. DHS released the solicitation in December looking for 15 tools and help in 11 task areas to help agencies implement continuous monitoring.

From: Federal Times

By NICOLE BLAKE JOHNSON

The Homeland Security Department plans to award a potential $6 billion contract as early as this month to provide continuous monitoring cybersecurity services to the 17 largest federal civilian agencies and itself.

DHS will centrally oversee the procurement, operations, and maintenance of diagnostic tools for agencies to quickly identify and fix cyber risks in their networks.

DHS expects the tools will eventually conduct 60 billion to 80 billion security checks at least every three days across government. Summaries of that data will be reported to a DHS system called CyberScope and used to identify and address the government’s most severe security problems.

From: Business Week

By Vijay Basani

In all the mysteries surrounding the Edward Snowden affair, there’s one that hasn’t received much attention: Why didn’t the NSA, one of the most technologically sophisticated organizations on the planet, have a way to detect that Snowden was downloading thousands of documents?

The corollary question every chief executive should ask of his or her top security officer: “Does our organization have a way to detect unauthorized access to our data?” According to the recent SANS 2013 Critical Security Controls survey, less than 10 percent of companies actually have proactive monitoring of security controls, the area that governs unauthorized access.

From: Dark Reading

Kelly Jackson Higgins

ICS/SCADA experts test continuous monitoring approach as a way to spot denial-of-service, malware, and other attacks

An experiment conducted by ICS/SCADA security experts reveals how utilities could spot malware and cyberattacks on their automation environments on the fly merely by continuously monitoring the customarily predictable behaviors of those networks and systems.

ICS/SCADA automation networks—unlike typical IT networks—operate in predictable bandwidth usage, traffic patterns, and CPU usage, for example, so any anomalies or changes to the norm indicate something’s awry—a malware infection, a DDoS, brute-force attack, or even a random equipment failure, experts say.