NIST SP 800-137

From: FedTech

The shared services platform will include a multitenant cybersecurity dashboard for real-time threat monitoring.

by Phil Goldstein

Smaller agencies will soon get on the same footing as their larger brethren when it comes to cybersecurity support. The Department of Homeland Security will soon receive approval to extend its Continuous Diagnostics and Mitigation program as a shared service to smaller, non-CFO Act agencies, according to a key DHS office.

Kevin Cox, program manager for CDM at DHS, said on March 27 that officials were awaiting authorization for the platform, FeddScoop reports.

Read Complete Article

From: IEEE Spectrum

A new tool will enable grid operators to better detect not only a brutal physical attack, but also a hacker probing for vulnerabilities

By David C Wagman

***

Against those background events, a team of researchers working at the U.S. Energy Department’s Lawrence Berkeley National Laboratory completed work earlier this year on a project to design and implement a tool they say can detect cyberattacks and physical assaults on power distribution networks.

Their tool, developed after three years of work, uses micro phasor measurement units (μPMUs) to collect information about the physical state of the power distribution grid. Combining that data with SCADA (supervisory control and data acquisition) information provides real-time insights into system performance and alerts grid operators to even a minor disruption.

From: FCW

By Derek B. Johnson

Following a joint hearing of the House Homeland Security and Government Oversight committees on implementation of the Continuous Diagnostics and Mitigation program, Cybersecurity and Infrastructure Protection Subcommittee Chairman Rep. John Ratcliffe (R-Texas) expressed optimism that federal agencies could move past a series of implementation stumbles and indicated to reporters that a legislative solution might be in the offing.

Ratcliffe, along with Reps. Will Hurd (R-Texas) and Jim Langevin (D-R.I.), sent a letter to the House Appropriations Committee on March 15 requesting $237 million in funding to agencies and the Department of Homeland Security for implementation of CDM in fiscal year 2019. After the hearing concluded, Ratcliffe told reporters that despite numerous implementation delays within agencies, he still believes the program can be effective.

From: FCW | Comment

By Mark Weatherford, Paul Doherty

The first two phases of the Department of Homeland Security’s Continuous Diagnostic and Mitigation program have helped government agencies deploy foundational cybersecurity solutions for real-time visibility and continuous network monitoring to identify vulnerabilities, reduce risk, ensure compliance and respond to threats.

DHS and the General Services Administration deserve tremendous credit for implementing a technical program of this size and complexity. However, the first two phases barely bring government to the starting line of the cybersecurity technology race. The private sector and U.S. adversaries are already well past that point.

From: Focus on FedRamp

On January 31st, FedRAMP released several new or revised Continuous Monitoring (ConMon) documents and templates with the goal of:

• Improving the overall ConMon process by clarifying certain elements and expectations
• Making it easier to reference aspects of the process that previously were not documented
• Creating structure in parts of the process that may have been interpreted differently by CSPs and JAB Reviewers

We shared detailed information on these documents in a previous blog post, then conducted a webinar in which the FedRAMP PMO walked through each document individually.

From: FCW

By Chase Gunter

Three lawmakers with cyber policy expertise are pushing appropriators to fully fund the administration’s request for continuous diagnostics funding in the Department of Homeland Security’s budget.

The White House’s fiscal year 2019 budget request proposes $237 million in funding for the Continuous Diagnostics and Mitigation program to provide civilian agencies access to tools and personnel to secure networks, identify trusted users and monitor network traffic on their websites.

Read Complete Article

From: FCW

By Ken Ammon

Unless we take a new approach, the Department of Homeland Security’s plans to modernize the Trusted Internet Connections (TIC) program could repeat the same missteps that plague the previous effort. Namely, lack of flexibility, long implementation times and little or no integration with existing cloud security initiatives like the Federal Risk and Authorization Management Program (FedRAMP) and the Continuous Diagnostics and Mitigation Program (CDM).

***

Yet the new version of TIC 3.0 may not be substantially different from TIC 2.2. The latter forced federal IT projects to move at the speed of government. It involved customized, one-of-a kind deployments that took years to implement, and were typically obsolete before they were deployed.

From: HealthITSecurity

The Department of Health and Human Services is improving its FISMA compliance, but still has weaknesses in its information security, including in risk management.

From: Nextgov

By Joseph Marks, Senior Correspondent

***

Cloud Security as a Service

The Senate bill also mandates a report within four months on how Homeland Security is helping other civilian agencies ensure the cybersecurity of their computer cloud-based systems.

***

The report must also focus on how Homeland Security is helping agencies buy commercial SOC services and how it’s adapting its Continuous Diagnostics and Mitigation program—essentially a suite of cybersecurity services the department provides to other agencies—for the cloud era.

Read Complete Article

From: CSO

By Ms. Smith, CSO

Another year, another audit, another set of failings when it comes to the Department of Homeland Security’s IT systems.

The Office of Inspector General (OIG) has released its “Evaluation of DHS’ Information Security Program for Fiscal Year 2017” (pdf). In short, the Department of Homeland Security (DHS) is running outdated software, has unpatched critical vulnerabilities — including the flaw to allow WannaCry ransomware — and some workstation security patches haven’t been deployed for years.

***