Officials say agency real-time surveillance not likely this year

Many agencies will not be able to submit summaries of network threats based on real-time surveillance by the Nov. 15 deadline for reporting on security management to the White House, according to federal officials.

The Obama administration in April announced that agencies this fall must use automated security monitoring tools for transmitting data on computer inventories, security incidents and other indicators to a secure online inbox called Cyberscope. Continuous reporting is expected to reduce the time and cost of complying with the 2002 Federal Information Security Management Act, a law critics say concentrates too much on paperwork documenting protocols, and not enough on executing them.

But many agencies are not there yet. "My bet is it won't be done in the next year," said James A. Lewis, a senior fellow at the nonpartisan Center for Strategic and International Studies who researches cybersecurity. He said the Office of Management and Budget eventually might have to issue new rules such as, "You can't spend any money on IT until you put this stuff in place," to enforce real-time monitoring.

Of the 24 major agencies, "a few of them are already there; a lot of them are not," Lewis added. He estimated between 20 percent and 25 percent of the major agencies would be online by Nov. 15. "It's a big change and moving people from where they are now to a better place is a great first step," Lewis noted.

If agencies do not have live surveillance systems, then they are supposed to manually record certain metrics, save the information in a digital format and send it to Cyberscope on a spreadsheet template or a Web-compatible file format such as XML, according to OMB policy.

The Homeland Security Department is helping agencies transition to the new digital process. Agencies without automated monitoring tools likely will use an XML model that Cyberscope can ingest, Greg Schaffer, DHS assistant secretary for cybersecurity and communications, said in an interview on Wednesday. "I do think this will give us in the long run much higher fidelity information," he added.

Schaffer said the shift to real-time monitoring will be "a process" and he could not provide a specific timeline.

The schedule will be dictated from the bottom up -- based on how quickly agencies can set up enhancements needed for live surveillance -- not from any top-down DHS or OMB mandates, Homeland Security officials added on Friday.

They said the price of the additional equipment will vary significantly, depending on the number of users at the agency. Lewis said agencies should not put off buying the new technology just because of cost.

"This is actually effective, so whatever they spend now [on FISMA compliance] is just wasted money," he said. "If we can take the same money and spend it on something that's actually useful we'll be better off."

A July policy clarification on FISMA stated that Homeland Security now is in charge of the operational aspects of governmentwide cybersecurity. OMB will retain fiscal oversight of agencies' use of cybersecurity funds and policy issues.

OMB officials on Friday referred questions about the budget and timeline for rolling out real-time monitoring to DHS.
