recommended reading

Officials say agency real-time surveillance not likely this year

Many agencies will not be able to submit summaries of network threats based on real-time surveillance by the Nov. 15 deadline for reporting on security management to the White House, according to federal officials.

The Obama administration in April announced that agencies this fall must use automated security monitoring tools for transmitting data on computer inventories, security incidents and other indicators to a secure online inbox called Cyberscope. Continuous reporting is expected to reduce the time and cost of complying with the 2002 Federal Information Security Management Act, a law critics say concentrates too much on paperwork documenting protocols, and not enough on executing them.

But many agencies are not there yet. "My bet is it won't be done in the next year," said James A. Lewis, a senior fellow at the nonpartisan Center for Strategic and International Studies who researches cybersecurity. He said the Office of Management and Budget eventually might have to issue new rules such as, "You can't spend any money on IT until you put this stuff in place," to enforce real-time monitoring.

Of the 24 major agencies, "a few of them are already there; a lot of them are not," Lewis added. He estimated between 20 percent to 25 percent of the major agencies would be online by Nov. 15. "It's a big change and moving people from where they are now to a better place is a great first step," Lewis noted.

If agencies do not have live surveillance systems, then they are supposed to manually record certain metrics, save the information in a digital format and send it to Cyberscope on a spreadsheet template or a Web-compatible file format such as XML, according to OMB policy .

The Homeland Security Department is helping agencies transition to the new digital process. Agencies without automated monitoring tools likely will use an XML model that Cyberscope can ingest, Greg Schaffer, DHS assistant secretary for cybersecurity and communications, said in an interview on Wednesday. "I do think this will give us in the long run much higher fidelity information," he added.

Schaffer said the shift to real-time monitoring will be "a process" and he could not provide a specific timeline.

The schedule will be dictated from the bottom up -- based on how quickly agencies can set up enhancements needed for live surveillance -- not from any top-down DHS or OMB mandates, Homeland Security officials added on Friday.

They said the price of the additional equipment will vary significantly, depending on the number of users at the agency. Lewis said agencies should not put off buying the new technology just because of cost.

"This is actually effective, so whatever they spend now [on FISMA compliance] is just wasted money," he said. "If we can take the same money and spend it on something that's actually useful we'll be better off."

A July policy clarification on FISMA stated that Homeland Security now is in charge of the operational aspects of governmentwide cybersecurity. OMB will retain fiscal oversight of agencies' use of cybersecurity funds and policy issues.

OMB officials on Friday referred questions about the budget and timeline for rolling out real-time monitoring to DHS.

Threatwatch Alert

Spear-phishing

Google Chrome Update Addresses Super Sneaky URL Trick

See threatwatch report

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Modernizing IT for Mission Success

    Surveying Federal and Defense Leaders on Priorities and Challenges at the Tactical Edge

    Download
  • Communicating Innovation in Federal Government

    Federal Government spending on ‘obsolete technology’ continues to increase. Supporting the twin pillars of improved digital service delivery for citizens on the one hand, and the increasingly optimized and flexible working practices for federal employees on the other, are neither easy nor inexpensive tasks. This whitepaper explores how federal agencies can leverage the value of existing agency technology assets while offering IT leaders the ability to implement the kind of employee productivity, citizen service improvements and security demanded by federal oversight.

    Download
  • Effective Ransomware Response

    This whitepaper provides an overview and understanding of ransomware and how to successfully combat it.

    Download
  • Forecasting Cloud's Future

    Conversations with Federal, State, and Local Technology Leaders on Cloud-Driven Digital Transformation

    Download
  • IT Transformation Trends: Flash Storage as a Strategic IT Asset

    MIT Technology Review: Flash Storage As a Strategic IT Asset For the first time in decades, IT leaders now consider all-flash storage as a strategic IT asset. IT has become a new operating model that enables self-service with high performance, density and resiliency. It also offers the self-service agility of the public cloud combined with the security, performance, and cost-effectiveness of a private cloud. Download this MIT Technology Review paper to learn more about how all-flash storage is transforming the data center.

    Download

When you download a report, your information may be shared with the underwriters of that document.