There is speculation that the recent cyberattack on Lockheed Martin was the work of the same hackers who were responsible for the RSA breach.
As FISMA Focus recently documented, a federal agency successfully adapted and utilized their continuous monitoring software to combat the new threats posed by the RSA hack. FISMA Focus explained that the key lesson learned from the incident “is that continuous monitoring software needs to capable of adapting to new needs, of the fly, and be able to combine data from multiple sources.”
The attack on Lockheed Martin further demonstrates that need of federal agencies and their contractors to be able to rapidly and effectively detect and respond to cyberattacks. To ensure that all FISMA-compliant organizations have the needed capabilities, NIST’s draft continuous monitoring guidance document, SP 800-137, needs to adopt the strict continuous monitoring standards contained in the joint DHS/NIST “CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture.”
The draft CAESARS Framework Extension is attached below.
Leave a Reply