CyberScope

The push to adopt continuous monitoring as a more advanced means for ensuring network security can only work if other network technologies are made secure, said a leading computer scientist from the National Institute of Standards and Technology.

Agencies need to understand the underlying security issues, beyond what continuous monitoring can offer, because adversaries can take advantage of weaknesses to bring down network capabilities, said Ron Ross, senior computer scientist and fellow at NIST. Ross (pictured above, seated far left) made the remarks at the recent Symantec Government Symposium on government security practices. Keep reading →

The recent GFIRST Conference – a forum for incident response and security teams – covered the gamut of security topics with a surprisingly colorful and entertaining array of session titles. While my session title, “Continuous Monitoring 2.0” , may have lacked the bedazzle factor of “Hack the database…and other cocktail party tricks”, “Bad Karma Chameleon”, “Welcome to McSecurity, would you like fries with your scan?”, it did capture audience sentiment about the government’s CyberScope initiative and the push for continuous network monitoring.

So what’s causing the angst among federal IT security managers about CyberScope’s current state of play? Keep reading →