
May 15

Special Seminar: FISMA Continuous Monitoring Requirements Based on NIST Publications

From: Federal IT Security Institute

Overview:

Information security is a dynamic process that must be effectively and proactively managed for an organization to identify and respond to new vulnerabilities, evolving threats, and an organization’s constantly changing enterprise architecture and operational environment.

This 2-day seminar focuses on emerging NIST guidance for establishing and implementing a continuous monitoring program for FISMA compliance. The seminar follows the outline of NIST Special Publication SP 800-137: Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. SP 800-137 specifically addresses the assessment and analysis of security control effectiveness and of organizational security status in accordance with organizational risk tolerance.

Learning objectives encompass understanding the 6-step ISCM process, with a strong focus on the tools and technologies that support the strategies, policies, and roles and responsibilities of the overall ISCM program. These tools can assist organizations in their efforts to automate the implementation, assessment, and monitoring of many NIST SP 800-53 security controls.

Organizations can follow a reference architecture, such as the NIST CAESARS Framework Extension, to implement ISCM technologies. The CAESARS report provides a reference architecture, based on security automation standards, that guides organizations in deploying enterprise CM implementations.

Seminar attendees will hear about and discuss a variety of available tools that an organization can use to efficiently and effectively gather, aggregate, analyze, and report data, from continuously monitoring the security status of its enterprise architecture and operating environment down to the components of individual information systems.

Agenda

Seminar Outline

Day 1

1. Continuous Monitoring and its Impact on the Evolution of Risk Management (SP 800-137)

2. Developing and Documenting a Continuous Monitoring Program

a. Organization-Wide View ISCM (SP 800-137)

b. Ongoing System Authorizations (SP 800-137)

c. Role of Automation in ISCM (SP 800-137)

d. ISCM Roles and Responsibilities (SP 800-137)

3. The Process

a. Define ISCM Strategy (SP 800-137)

b. Establish an ISCM Program (SP 800-137)

c. Implement an ISCM Program (SP 800-137)

d. Analyze Data and Report Findings (SP 800-137)

e. Respond to Findings (SP 800-137)

f. Review and Update the Monitoring Program and Strategy (SP 800-137)

4. Enterprise Architecture View for Continuous Monitoring (SP 800-137)

Day 2

5. Overview of the CAESARS Reference Architecture (NIST IR 7756)

a. Sensor Subsystem

b. Database Subsystem

c. Analysis/Risk Scoring Subsystem

d. Presentation/Reporting Subsystem

6. SCAP Overview (SP 800-117)

a. The Motivation for Creating SCAP

b. The Definition of SCAP

c. NIST SCAP Product Validation and Laboratory Accreditation Programs

7. Recommendations for Common Uses of SCAP (SP 800-117)

a. Security Configuration Verification

b. Requirements Traceability

c. Standardized Security Enumerations

d. Vulnerability Measurement

e. Security Data Analytics

f. Details on Using SCAP for FISMA Compliance

8. Course Wrap-up

Audience

IT auditors and security specialists assigned to implement or assess the information security continuous monitoring program for Federal agencies.

Prerequisites and Advanced Preparation

Candidates should be familiar with OMB Directives and NIST publications for information security.

CPE: 14

Class size: 35

Vendor / Instructor profile

Tina Kuligowski of the Cybersecurity Academy, LLC has over 20 years of experience working with information systems as a programmer for NASA, system administrator for Lexis-Nexis, and curriculum developer and systems trainer for the Department of State. She has a master’s degree in information assurance and a number of IT security certifications, including FITSP-M, FITSP-O and FITSP-A, (ISC)2 CAP and CISSP, and EC-Council CEH, CHFI and DRP; in addition, she holds a number of vendor-specific IT certifications from Microsoft (MCITP) and Citrix (CCEE). Since 2004, with the release of the original NIST SP 800-37, she has developed and delivered a broad range of training material relating to the NIST standards and guidelines for FISMA compliance and the implementation of information system security.

When

Wednesday and Thursday; June 13-14, 2012 from 8:00 a.m. to 4:00 p.m.

Coffee and sign-in at 7:30 AM on Wednesday, June 13, 2012.

Where

Room: TBD (a sign will be out in front)

Arlington Campus New Building (Founders Hall)

3351 North Fairfax Drive “Original Building”

Arlington, VA 22201

For facility information and/or closing due to inclement weather, please call (703) 993-8140 or (703) 993-8999.

(Located close to the Virginia Square Metro stop on Fairfax Drive.)

Directions http://coyote.gmu.edu/map/arling.html

Continuing Education Units

14

Parking

You can park at the parking garage for GMU Founders Hall, which is accessible off of Kirkwood Road. There is a sign for the garage. The cost is $3/hr or $14 max per day.

Meals

Attendees will receive a Cosi gift card for meals for both days of the class.

Cost

FITSI Members:  $450

ISACA, ISSA, or IIA:  $550

All Others:  $600
