‘Enhanced Cyber Situational Awareness with Continuous Monitoring’. www.jackbe.com. John Crupi, CTO; Rick Smith, Cyber Consultant. About JackBe. Leading Solution Provider of Real-Time Operational Intelligence for Government Agencies & Enterprise Businesses
Small Business Headquartered in DC area with Global Reach
Broad Access to Contract Vehicles and Procurement Methods for all Federal Customers
Named to ‘Top 10 Enterprise Products’ in 2010
Rick Smith CISSP, CISM
Cyber Security SME at Blue Canopy
Over 16 years of experience in government and the private sector. Recognized speaker for ISACA and a Cyber Security SME focusing on Enhanced Situational Awareness, Improving Continuous Monitoring, Cyber Analytics, and Cyber Active Threat Management.
John Crupi, Chief Technology Officer
Formerly CTO of Sun’s SOA Practice & Sun Distinguished Engineer
Co-Author of Core J2EE Patterns
A Major Cyber Attack!
LOUISVILLE, Ky., March 1, 2012 - Asked what keeps Secretary of Defense Leon Panetta awake at night, he didn't hesitate: “A MAJOR CYBER ATTACK!”
“We are literally getting HUNDREDS OF THOUSANDS OF ATTACKS EVERY DAY that try to exploit information in various [U.S.] agencies or departments. There are plenty of targets beyond government too,” he added.
“The country needs to defend against that kind of attack, but also DEVELOP THE INTELLIGENCE RESOURCES TO UNDERSTAND WHEN THOSE POSSIBLE ATTACKS ARE COMING,” the secretary said.
Hundreds of thousands of attacks every day!
Develop the intelligence resources to understand when those possible attacks are coming!
By Jim Garamone, American Forces Press Service
The National Institute of Standards and Technology (NIST) created the Risk Management Framework (RMF) as a risk-based paradigm to help guide its FISMA implementation work.
Information Security Continuous Monitoring Best Practices:
Principle 1: Aggregate Diverse Data
Principle 2: Analyze Multi-Source Data
Principle 3: Create Real-Time Data Queries
Principle 4: Transform Data Into Actionable Intelligence
Principle 5: Maintain Real-Time Actionable Awareness
INFORMATION SECURITY CONTINUOUS MONITORING
Bruce Levinson, Center for Regulatory Effectiveness Oct, 2011
Situational Awareness of all systems across the organization
An understanding of threats and threat activities
Security status across all tiers of an organization
Risk by organizational officials
Collect, Correlate & Analyze
All security controls
1) Vulnerability Management
2) Patch Management
3) Event Management
4) Incident Management
5) Malware Detection
6) Asset Management
7) Configuration Management
8) Network Management
9) License Management
10) Information Management
11) Software Assurance
12) Digital Policy Management
13) Advanced Persistent
Portable Risk Score Manager (PRSM) is designed to reduce the number of cyber risks by increasing compliance with IA policies and network security standards, improving IA posture by adopting the iPost Risk Scoring methodology.
iPost is a custom application designed to continuously monitor and report risk on the IT infrastructure in an effort to identify weaknesses.
Continuous Asset Evaluation, Situational Awareness, and Risk Scoring Reference Architecture Report (CAESARS) is designed to enable Federal agencies to implement Continuous Monitoring more rapidly through federal standards that leverage federal buying power to reduce the cost of implementing Continuous Monitoring.
Added Process to Verify
Enhance Situational Awareness
How Real-Time Operational Intelligence Enables Cyber Situational Awareness
Advanced network monitoring using real-time network forensics
System and network log collection, correlation and reporting
Enhanced Situational Awareness Dashboard
and asset management
Threat intelligence and business analytics that fuse data from all monitoring feeds for correlation and analysis
News Feeds, Twitter
Other disparate data, external data
Health, status, security, vulnerability, and mission dependency data
HW & SW Counts
Vulnerabilities that match to Cyber Command list
Tier 3 Vulnerabilities
Vulnerabilities By Machine Type
Data correlation from disparate business units
Consolidated Impact Analysis
Impact Analysis & cost of impact to remediate
Leadership is provided with a way forward on remediation approach
Roll up Data
To get additional information about how we can help your agency achieve Enhanced Situational Awareness, contact us at http://www.jackbe.com/about/contact_form.php.
Read About JackBe Presto Solutions in Government Today