NIST SP 800-137

From: FCW

By Lauren C. Williams

The Defense Information Systems Agency is spearheading a continuous monitoring solution that it hopes will virtually eliminate the reinvestigation process for security clearance holders and reduce the backlog of more than 700,000 cases.

“Fundamentally, the National Background Investigation System is designed to replace and modernize the existing systems that were being operated by OPM,” Terry Carpenter, DISA’s services development executive and acting program executive officer for NBIS, told FCW. “The solution is to automate … it’s about modernizing the process, not just building a more secure system.”

Read Complete Article

From: FedScoop

Carten Cordell

The Department of Homeland Security will award cybersecurity contracts worth $1 billion this month, as its Continuous Diagnostics and Mitigation program prepares to expand the services it offers federal agencies,

The contracts will be part of CDM’s Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program. CDM Program Manager Kevin Cox said Wednesday that his office was looking to award contract task orders for agencies in Groups C and E this month, followed by a July award for Group D.

Read Complete Article

From: HydroWorld.com

By Michael Harris 

The U.S. Department of the Interior has awarded five-year contracts to Booz Allen Hamilton and Spry Methods for cyber security management services at more than 600 dams under the Bureau of Reclamation’s authority.

The indefinite-delivery, indefinite-quantity contracts are each worth $45 million and cover the Department of Homeland Security’s stipulations for continuous diagnostics and mitigation.

Read Complete Article

From: Associated Press

SACRAMENTO, Calif. (AP) — Two dams critical to U.S. national security are at high risk for “insider threats” that could impair operations because of poor computer security practices such as too many employees having access to administrator accounts and failures to routinely change passwords, according to a new inspector general report.

An evaluation released Monday by the U.S. Department of the Interior doesn’t name the two dams, and spokeswoman Nancy DiPaolo cited national security concerns. But they are among five dams operated by the U.S. Bureau of Reclamation that are considered “critical infrastructure,” meaning their destruction or impairment could hurt national security. Those five dams are Shasta and Folsom Dams in California, Glen Canyon Dam in Arizona, Grand Coulee Dam in Washington and Hoover Dam, which straddles Nevada and Arizona.

From: FCW

By Chase Gunter

The Continuous Diagnostics and Mitigation program at the Department of Homeland Security has retooled in recent task orders to give voice to complaints that agencies didn’t have enough say in the acquisition and implementation process. FCW caught up with Jim Quinn, lead systems engineer for CDM, on the sidelines of a May 31 industry event to talk about how that learning curve played out in real time, from the program’s inception to the present. This interview has been edited and condensed for clarity.