Federal Cybersecurity Monitoring Goes Real Time
Agencies soon will be required to digitally monitor the security of their computer systems and feed summaries of their findings to a central Web site under new federal information security rules the White House issued on Wednesday, Nextgov.com reported.
The continuous reporting requirements outlined in an OMB memorandum are intended to improve the execution of the 2002 Federal Information Security Management Act. Critics say FISMA demands too much burdensome reporting and takes attention away from security. Several lawmakers are pushing to update the law, but for the time being the White House is working within the confines of the statute to alleviate reporting hassles.
"We're automating the process," said White House Cybersecurity Coordinator Howard Schmidt, adding reports to the Office of Management and Budget and Congress will be "based on real-time information as opposed to a snapshot in time."
The key to this new approach will be software that transmits data on the status of controls directly from each division of an agency. The data feeds will include information about an agency's inventory of systems and software, external connections, security training and user access.
Agencies must submit this information through a new Web-based gateway called CyberScope by Nov. 15, and starting in 2011, they must file reports monthly, according to the memo. To read more, click here.
Join the Discussion
The National Journal Group has the right (but not the obligation) to monitor the comments and to remove any materials it deems inappropriate.
Comments powered by Disqus