From: Health Data Management
By Bob Violino
***
Mar 28
Mar 25
Editor’s Note: See “Achieving a Cyber-Reliant Infrastructure.”
From: FCW
By Mark Rockwell
A plan to reorganize the Department of Homeland Security’s National Protections and Programs Directorate, currently under review on Capitol Hill, would recast the organization into a form that better employs its capabilities, from cyber to physical protections, according to Andy Ozment, DHS’ assistant secretary for Cybersecurity and Communications.
In remarks to the Information Security and Privacy Advisory Board on March 24, Ozment said the plan would rename NPPD to Cyber Infrastructure Protection and cut across current stovepipes of the National Cybersecurity and Communications Integration Center, the Office of Infrastructure Security and Federal Protective Services.
Mar 24
From: Information Age
Posted by Chloe Green
***
SIEM deployment is complex and expensive yet the large volumes of collected data leave administrators with much to do before they can extract any meaningful results. Often they are presented with a sea of information and a lack of actionable insight that inevitably leads to missed security incidents. One of the issues with being alerted to all network events is that more than half of them are false alarms.
Mar 24
From: Federal Times
In the coming weeks and months, the National Protection and Programs Directorate (NPPD), the Department of Homeland Security’s cybersecurity division, will be instituting new tools and procedures to close one of the most criticized gaps in its capabilities: the reliance on signature-based threat detection
***
“Integrating CDM and Einstein was always a part of the plan,” Schneck said, stating that the dashboards aren’t yet set up across the government, preventing the two systems from being linked at this time. “They need to have that set up with us before we can start using that but it’s rapidly approaching.”
Mar 17
From: ITProPortal
By Sead Fadilpašić, CONTRIBUTOR
Security information and event management (SIEM) systems are placing extra weight on companies’ budgets, a new study suggests.
***
The results show that SIEMs are quite expensive, mostly when it comes to maintenance and support. Looking at what drives the cost of SIEM ownership up, the need to hire and train more SIEM analysts scored highest (4.8).
Mar 11
From: FierceGovernmentIT
Although the Health and Human Services Department has formalized its information security continuous monitoring program, department-wide implementation gaps persist, according to an HHS Office of Inspector General report (pdf) issued March 7.
HHS operating divisions lack final policy guidance on how to address and report on Homeland Security Department-mandated metrics, such as vulnerability management, software assurance, information management, patch management, license management, event management, malware detection, asset management and network management, found the audit, which Ernst & Young, LLP independently conducted.
Mar 10
From: Federal Times
The Office of Management and Budget released guidance on March 9 requiring the acquisition departments of all federal agencies to develop innovation labs by May.
***
Rung said that the innovation labs had already produced strong results for agencies like the Departments of Health and Human Services and Homeland Security, who embraced human-centered design in their acquisition process, with DHS cutting procurement time in half for an Einstein cybersecurity contract resulting from its innovation lab.
Mar 09
From: FCW
By Mark Rockwell
***
“One of my top goals is to have federal civilian agencies have [Einstein 3A] in place before the end of the year,” Johnson testified at a Senate Homeland Security and Governmental Affairs Committee hearing on DHS’ proposed $40.6 billion budget for fiscal 2017.
Echoing remarks he made in February during his “state of the agency” speech, Johnson told lawmakers on March 8 that further investment in Einstein and the Continuous Diagnostics and Mitigation program was critical to federal agencies.
Mar 08
From: FCW
By Mark Rockwell
***
The report also said HHS operating divisions did not consistently review, remediate or address risks from vulnerabilities found in configuration baseline compliance and vulnerability scans done through Security Content Automation Protocol tools.
Auditors found that three divisions were fielding IT systems with expired authority to operate certificates. More generally, the report found that all operating divisions need to do a better job of making sure hardware and software inventories are up to date.
Mar 07
From: FCW
By Mark Rockwell
Small federal agencies like the option of obtaining the Continuous Diagnostics and Mitigation cybersecurity program from the Department of Homeland Security as a shared service. But some are also wondering how they can sustain their cybersecurity work into the future.
In late 2015, DHS and the General Services Administration began the process of offering CDM tools for 40 of the federal government’s smallest agencies via cloud shared services to cut down on or eliminate the on-premises duplication across those smaller entities.