Trailblazing Uncle Sam
Posted on July 15th, 2010 by Melanie »Permalink
Gosh, it seems like just yesterday we were getting practically misty-eyed about the traction CCM is gaining not just in the marketplace, but also in terms of folks’ awareness, and today brings another illustration of just what CCM can do. We are watching history, for real.
Behold the power of CCM. Emily Long at NextGov has a nice juicy piece on how the State Department’s CISO (Chief Information Security Officer for those of you behind on just how the C-suite has grown in recent years) implemented continuous monitoring to keep his agency in full compliance with those FISMA regulations we’ve been talking about.
You should honestly read the whole thing, because it’s just that good. But since it’s summer, and we know you’re rushing to get through the day to either sit in hot hellish traffic or hopefully sip something nice and refreshing on your deck, we will do you a favor and share some of the best bits here. (You’re welcome).
-
Now agencies will feed details about their inventory of systems and software, external connections, security training and user access profiles into one portal. The process will be “based on real-time information as opposed to a snapshot in time,” says White House Cybersecurity Coordinator Howard Schmidt. The website, CyberScope, in its current form is a data collection tool for FISMA-related information. In the future, that data will be analyzed and weighted to score agency performance.
“We’re at the moment where technology has changed enough where people need to think about security in a new way,” says James Lewis, senior fellow and director of the technology and public policy program at the Center for Strategic and International Studies. “We are at the point where we can move from snapshot to flow.” The transition away from paper-based monitoring will create situational awareness of existing threats and allow agencies to better manage security, he adds.
As gratifying as it is to hear people catching on to the idea of what CCM can do, it is a million times cooler to read about how it’s actually working to improve transparency and efficiency. And the bit about how important it is to bring stakeholders together at the outside to talk metrics? Practically gave us chills, it was so convincing. It’s a theme we’ve been hammering for practically ever, and highlighting a blurb won’t do it justice, so one last plea for you to read the whole long thing.
After approximately seven zillion stories of the hopefully mythical $47 paper clip, it’s downright refreshing to read about tax dollars being spent proactively to reduce risk and improve transparency and efficiency. Yay, Uncle Sam!
