via InformationWeek Government
The Department of Homeland Security (DHS) has released new reporting metrics for agency compliance with the Federal Information Security Management Act (FISMA) that focus on continuous cybersecurity monitoring.
The new metrics support the federal government's push to track security vulnerabilities and threats more closely and more continuously as it works to improve cybersecurity across agencies.
The annual CIO FISMA Reporting Metrics document for fiscal year 2011 requires federal agencies to detail the progress they have made in automating daily metrics on critical security risks. FISMA is the 2002 federal law that sets information security requirements for federal agencies; the National Institute of Standards and Technology (NIST) develops the standards and guidelines that agencies follow to comply with it, including those governing the IT products and solutions used in the federal government.
The 11-page document asks agencies to provide a current inventory of automated monitoring capabilities across their systems, covering asset, configuration, vulnerability, identity, and access management, among other categories.
This year's metrics document also contains an entire section on continuous monitoring itself, asking what percentage of data from various data feeds is being monitored "at appropriate frequencies and levels in the agency," according to the document. The data feeds covered include application logs, patch status, vulnerability scans, failed logins for privileged accounts, and data loss prevention data, among others.
Over the last couple of years, the Obama administration's FISMA compliance reporting has asked agencies numerous questions that did not necessarily address key security concerns.