DataBreaches.Net


Federal Security Practitioners Admit: We’re Not Prepared to Meet Continuous Monitoring Deadline

Posted on December 15, 2011 by Lee J

SANTA CLARA, Calif., Dec. 14, 2011 /PRNewswire/ — In a blow to one of the key cyber-security initiatives advanced by White House leaders, federal IT security professionals admit that efforts to adopt continuous monitoring of security performance lag far behind the Obama administration’s expectations.

Although the White House has advanced continuous monitoring as a primary national cyber-security initiative, an overwhelming majority of government practitioners now doubt their ability to fully implement it during fiscal 2012, according to a new survey published today by RedSeal Networks and Dimensional Research entitled, "Government Security Practitioner Survey: Countdown to Continuous Monitoring."

Interviews with 234 IT security professionals at the 2011 7th Annual GFIRST National Conference found that only 28 percent of federal security executives feel their agencies will meet the OMB deadline for continuous monitoring.

Key highlights from the survey include:

  • Only 55 percent of all respondents said they either won’t be ready or don’t know if their organizations will be ready in September.
  • Only 22 percent of respondents said their agencies have already deployed continuous monitoring solutions.
  • An overwhelming majority, 64 percent, said that continuous monitoring and its increased use of security metrics will improve security management.

In addition, many government IT workers remain uncertain where their organizations stand in adopting continuous monitoring. Security professionals from nearly every major federal agency, along with many large government contractors, were among respondents to the RedSeal–Dimensional GFIRST survey.

"Government security practitioners are under serious pressure to deliver metric-based security monitoring," said Dr. Mike Lloyd, Chief Technology Officer at RedSeal. "Commercial and government organizations agree that continuous compliance and measurable security will help us respond to the onslaught of successful attacks and ongoing breaches that we are facing. So it’s disturbing that less than half of the agencies surveyed said they are ready to deliver the measurements required for the 2012 FISMA deadline."

Other key findings of the survey:

  • The majority of the agencies represented, at 55 percent, stated they do not currently have the tools necessary to meet the OMB directive or are unaware if they do.
  • Only 33 percent of those small agencies participating indicated they will have required security measures in place to meet the deadline.
  • At least 33 percent of the government networks represented have over 100 devices that require security configurations.
  • A full 25 percent of those agencies represented admitted that they didn’t know how many devices on their networks contain security policy enforcement.

"It’s extremely disappointing to see that even though the government issued these directives for continuous monitoring years ago, the people charged with implementation are not far enough along in acquiring or deploying the systems necessary to meet the requirements," said Major General John Casciano (USAF-Ret.), an advisor to RedSeal. "Perhaps even more troublesome, it’s clear that there’s still a fundamental lack of understanding of what continuous monitoring involves, with too many practitioners lacking an understanding of the proactive risk management element, versus monitoring packets in transit."

Survey Methodology: The survey was administered to attendees at the 2011 7th Annual GFIRST National Conference. It was conducted on the tradeshow floor in the RedSeal booth. The research was commissioned to gather data on agencies’ ability to meet the 2012 federal security and monitoring mandates as outlined in the OMB and FISMA directives. This report was prepared in December 2011 based on responses from 234 security professionals. The survey sponsor, RedSeal, was revealed to participants prior to their participation. Drawings for an iPad were offered to survey participants, but not required for eligibility.

Follow this link to the full report: https://go.redsealnetworks.com/Surveys_LP_ContinuousMonitoring.html

About Dimensional Research

Dimensional Research® provides practical marketing research to help technology companies make their customers more successful. Our researchers are experts in the people, processes, and technology of corporate IT and understand how corporate IT organizations operate. We partner with our clients to deliver actionable information that reduces risks, increases customer satisfaction, and grows the business. For more information visit www.dimensionalresearch.com.

About RedSeal Networks, Inc.

RedSeal Networks enables our customers’ IT security management and staff to continuously understand the security state and regulatory compliance of their network and information systems, recognize the resulting risk to their operations and assets, and identify and drive actions to improve security and reduce risk. Unlike systems that measure the impact of attacks after they occur, RedSeal analyzes the complex interaction of all network security controls, delivering in-depth understanding of security performance, continuous compliance, and actionable steps for risk remediation. For more information on RedSeal products please visit the company’s web site at www.redsealnetworks.com and follow us on Twitter @RedSealNetworks.

SOURCE RedSeal Networks, Inc.

Category: Breach Incidents

© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.