
Department of Homeland Security

Matt Coose – Director, Federal Network Security (FNS)

Facing FISMA Implementation:
Making and Measuring Agency Progress

Homeland Security
National Cyber Security Division
5/5/2011 10:25:11 AM
Agenda

• FNS Mission and Process
• Players
  – The Threat
  – The Defenders
• The FISMA Perspective
  – Intent
  – Process
  – Core Capabilities
  – How Can You Help?
  – How We Can Help
FNS Mission and Process

Mission: To measurably improve the cyber security posture of the Federal Executive Branch of Government

• Assess Enterprise Needs and Required Capabilities
• Influence Policy and Strategies to Implement
• Drive and Enable Implementation of Capabilities
• Measure and Monitor Implementation and Security Posture

[Diagram: Assess, Influence, Drive, Measure]

Simultaneous and Iterative Process!
Players: The Threat

• Attackers – Nation-States, Criminals, etc.
• Only Need to Find 1 Vulnerability
• Will Exploit Anything
  – People
  – Software
  – Physical Controls
  – Configurations and System Policies
  – Architectural Designs
  – Combinations of the Above

[Chart: FY10 Incidents]
Players: The Defenders

• Defenders – CIO, CISO, NOC, SOC, … Individual User
• Must Eliminate or Minimize Numerous Potential Vulnerabilities
  – People
  – Software
  – Physical Controls
  – Configurations and System Policies
  – Architectural Design
• Have Limited and/or Dispersed Budgets and Resources
• Support Critical Missions with Complex IT Environments
• Potentially Receive Direction from Various Sources
  – Mandates, Audit Bodies, FISMA, CNCI, etc.
• Don’t Always Have Authority Over All Systems/Infrastructure
FISMA Perspective: Intent

Policies, etc.
• Federal Information Security Management Act (FISMA) of 2002
• OMB Circular A-130
• NIST Special Publications, FIPS
• OMB Memos, etc.

Intent
• Protect Networks, Systems, and Data: Proactively, Effectively, and Efficiently Mitigate Threat Vectors
• Base Decisions on Risk
• Inform Decisions with Accurate/Timely/Complete Data

FISMA Metrics
FISMA Perspective: Process

• Analyze Incidents/Vectors
• Define Mitigation Options
• Prioritize Mitigations
• Implement Mitigations
• Measure Effectiveness

[Diagram: FISMA Capability Framework]
FISMA Perspective: Core Capabilities

• FISMA is Focused on Improving Core Capabilities
• CyberStats Reinforce this Focus
• Framework Includes:
  – NOC/SOC Capabilities
  – Implementation of Various Capabilities
  – Continuous Monitoring!
• CISOs Developing Action Plans for Improvement
• Fixing the “Soft Stuff” can make Improvements Easier to Achieve:
  – CFO Engagement
  – IG Relationship
  – Threat Informed Governance

[Figure: Notional Scorecard]
FISMA Perspective: How Can You Help?

• Industry/Vendors/Government Employees can Help!
• Mature and closely align Network Operations Centers and Security Operations Centers (NOC/SOC)
• Support CISOs in Implementing Core Capabilities
  – Ask to see FISMA Capabilities Action Plan
  – Review FISMA Metrics for Context of Improvement Targets
  – Show Progress by end of FY11!
• Contribute to Implementing Continuous Monitoring
  – Start with Assets, Configurations, Vulnerabilities
  – Implement Core CAESARS Architectural Components
  – Add High-Value Feeds (e.g. Account Monitoring, Cyber Ecosystem, NIST Controls, CAG Controls…)
  – Actually Use Data/Risk Scoring to Drive Down Risk
FISMA Perspective: How We Can Help

• Leverage and Participate in FNS Services and Efforts to Drive and Enable Progress
• Services:
  – Strategic Remediation Engagements (SRE) (NCSD Service)
  – Federal Computer Network Defense Evaluations (F-CND) (Limited)
  – Risk and Vulnerability Assessments (RVA) (Reduced Scope)
  – Network Mapping
  – SAIR TIER I Blanket Purchase Agreement (ISSLOB BPA)
  – Cybersecurity Resiliency Management Assessments (F-CRM) (Limited)
  – Insider Threat Assessments (ITA) (Limited)
  – Shared Service Centers (Training, RMF)
• Efforts:
  – FNS/ISIMC Continuous Monitoring Working Group (CMWG)
  – CAESARS Framework Extension Architecture (NIST Lead)
  – DNSSEC/E-Mail Validation Capabilities Tiger Team
  – Reference Architectures: TIC 2.0, Wireless LAN, DNS/DNSSEC, Mail Gateway, Telework/Remote Access, Voice/Video Over IP
The End

• For any FNS-related inquiries, please contact FISMA.FNS@DHS.GOV
• Thank You!