Mar
27

CDM Program Prepping Data Protection Push at Select Agencies

From: MeriTalk

The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program office is preparing to work with five Federal government agencies on data protection management efforts, CDM Program Manager Kevin Cox said today at an event organized by RSA and the Advanced Technology Academic Research Center (ATARC).

Data protection management was formerly classified by the CDM program as the final step in the program’s four-phase effort to help put agencies on a better cybersecurity footing (the first three are asset management, identity and access management, and network security management). While the program has done away with the “phases” nomenclature in favor of emphasizing a more holistic and non-sequential approach, its pending work to bring data protection management to selected agencies indicates that some agencies are preparing to work on closing the full circle of the program’s stated aims.

Mar
27

Air Force’s New Fast-Track Process Can Grant Cybersecurity Authorizations In One Week

From: Nextgov

By Aaron Boyd, Senior Editor, Nextgov

The process is a mix of quick but comprehensive testing up front followed by continuous monitoring through the life of the app.

***

Rather than go through each security control individually, the fast-track process allows project owners to run a penetration test—in which cybersecurity experts attempt to break the system—to establish a security baseline, then incorporate continuous monitoring of those systems into the future to ensure it remains secure.