--Government Agencies Need to Improve Incident Response (May 30 & June 2, 2014) According to a report from the US Government Accountability Office (GAO), twenty-four major federal agencies did not consistently demonstrate that they are effectively responding to cyber incidents. The report, Information Security: Agencies Need to Improve Cyber Incident Response Practices, also noted that agencies did not have adequate evidence of what they did to respond to incidents about two-thirds of the time. Many federal agencies would like the Department of Homeland Security (DHS) to enhance the help it offers in managing cyber incidents. Agencies also said that they would like DHS to establish realistic timeframes for reporting incidents, and that incident categories need to be updated because classification attributes are not unique to each category. govinfosecurity/agencies-seek-better-dhs-incident-response-aid-a-6896 nextgov/cybersecurity/2014/05/gao-agencies-cant-always-prove-they-respond-breaches/85537/?oref=ng-channeltopstory gao.gov/assets/670/662901.pdf [Editors Note (Northcutt): I would go directly to the GAO .pdf link above. All in all it seems well researched and well balanced. A lot of it is a rehash of NIST SP 800-61. That is not so bad, but since they do not provide detailed implementation guidance, building an actionable report to Congress from it is difficult. Metrics for measuring effectiveness begin on page 20. I will be dead and buried before everyone agrees what the right metrics are, but any reasonable metrics make it possible to measure whether progress is being made. (Honan): Excellent report. Also have a look at the excellent resources for CERT/CSIRTs which is maintained by the European Network and Information Security Agency (ENISA) at enisa.europa.eu/activities/cert/support ]
Posted on: Tue, 03 Jun 2014 19:10:43 +0000
Trending Topics
Recently Viewed Topics
© 2015