In today's dynamic environment, the uninterrupted and secure operation of information system is vital to any organization's ability to provide quality service to its customers. Information systems are in a constant state of change due to:
- government security regulatory requirements
- the threat of attack from a variety of internal and external threat sources
- the implementation of security control requirements to mitigate risks.
As a result, information systems owners must ensure that the latest risk mitigation requirements are properly implemented and operating as required. Continuous monitoring helps organizations manage security processes to ensure the secure and continued operation of information systems.
The Risk Management Framework (RMF) developed by NIST, describes a disciplined and structured process that integrates information security and risk management activities into the system development life cycle. Ongoing monitoring is a critical part of that risk management process. In addition, an organization’s overall security architecture and accompanying security program are monitored to ensure that organization-wide operations remain within an acceptable level of risk, despite any changes that occur. Timely, relevant, and accurate information is vital, particularly when resources are limited and agencies must prioritize their efforts.
DPS has expertise in all aspects of Continuous Monitoring within the Risk Management Framework including:
- Monitoring the Information System and Environment for changes using state-of-the-art tools and services
- Providing ongoing compliance and vulnerability assessments of security controls to help determine if the controls are operating as intended
- Conducting remediation activities on existing vulnerabilities based on the security assessment results.
- Producing security status reports for organizational authorizing official and other appropriate organizational officials on a continuous basis
- Implementing, managing, and customizing automated tools to support Continuous Monitoring
DPS has experience with tools and technologies within eleven security automation domains that support continuous monitoring:
- Vulnerability Management
- Patch Management
- Event Management
- Incident Management
- Malware Detection
- Asset Management
- Configuration Management
- Network Management
- License Management
- Information Management
- Software Assurance
While automation of IT security has the potential to significantly reduce the amount of time a human must spend doing certain tasks, DPS realizes that it is not possible to fully automate all of an organization's information security program functions. The technologies discussed above, for example, still require human analysis for implementation and maintenance of the tools as well as appropriate interpretation of findings. DPS staff has familiarity with these tools and is able to analyze and interpret the data in order to provide valuable metrics to organization officials in a timely manner