Delivering stakeholder-centric services from strategy to execution
[ Source: IBM ]
February 2012-
This report describes the challenges that arise during a transformation to stakeholder-centric or citizen-centric service delivery. It highlights the crucial roles that key business and IT capabilities play for any public sector organization navigating those challenges.
Fed Continuous monitoring, remediation and CyberScope reporting
[ Source: IBM ]
December 2011-
To assist federal agencies with the implementation of CyberScope reporting, IBM Tivoli Endpoint Manager, built on BigFix technology, provides insight and control for endpoints with streamlined, automated capabilities for continuously monitoring and remediating security compliance.
Creating value in the Public Sector: intelligent project selection in the US federal government
[ Source: Oracle ]
March 2012-
Federal agencies are refining program management practices in response to the Obama administration's Government Accountability Initiative. Learn more.
IT Management for 21st Century Government
[ Source: Solarwinds ]
September 2011-
SolarWinds IT management products are used by virtually every civilian agency, state government, and branch of the military. <br><br>
Discover why SolarWinds provides powerful and affordable IT management software to federal, state, local and education customers - from enterprise deployments to tactical networks supporting warfighters. Built by IT pros for IT pros, our products are downloadable, easy-to-use and maintain, and provide the power, scale, and flexibility required to manage today's ...
Defining and Planning Continuous Monitoring for NIST Requirements
[ Source: Tripwire ]
August 2011-
The National Institute for Standards and Technology (NIST) recently released new Federal Information System Management Act (FISMA) guidance in two publications. The aim of the new guidance is to help federal agencies develop a continuous monitoring program as part of a risk management framework. It is also supposed to help the government gain an enterprise-wide view of its security stance by using automation to roll up reports of security information across all agencies.<br&...
Continuous Monitoring: What It Is, Why It Is Needed, and How to Use It
[ Source: Tripwire ]
August 2011-
Continuous monitoring enables information security professionals and others to see a continuous stream of near real-time snapshots of the state of risk to their security, data, the network, end points, and even cloud devices and applications. Assessing security controls as well as ongoing monitoring of security controls are both directly assisted by continuous monitoring through vulnerability monitoring processes, which many organizations already have in place. <br><br>
In this white paper ...
Mind The Gap: CISOs Work To Narrow The Breach-To-Detection Gap For Better Security
[ Source: Tripwire ]
August 2011-
In this age of compliance, most retailers do what’s required to become compliant, but often fail to improve security through these efforts. In fact, several organizations have achieved compliance but still have been breached—even though they had the data needed to head those breaches off before any significant damage was done. So how did they miss this critical evidence? Unfortunately, IT security teams are inundated with data from many sources that they cannot ...
Cyberwar Threats: New Security Strategies for Governments
[ Source: Tripwire ]
August 2011-
Cyberwar fundamentally changes how government must handle security. Faced with increasingly sophisticated attacks from gangs of cyber criminals and foreign governments probing systems for sensitive data, threats frequently go undetected for days, weeks, and even months. And it's not just financial data being stolen. Terrorists and rogue governments may steal confidential data, including intelligence information, that exposes a country and its citizens to potential harm. Unfortunately, the traditional fortress approach no longer suffices. <br&...
Network Access Control and 802.1X -- Advantages, Constraints, and Capabilities
[ Source: ForeScout ]
May 2011-
This whitepaper by Spire Security explains the advantages, disadvantages and limitations of 802.1x as it relates to network access control (NAC). In practice, 802.1x has proven to be costly and cumbersome to roll-out, particularly for large organizations. Furthermore, 802.1x does not include or address many important features of a full-blown NAC system. This whitepaper includes a case study of a large U.S. defense agency that tried rolling out 802.1x and then, after discovering significant ...
Strong Firewall Management Is Essential
[ Source: Secure Passage ]
September 2010-
Firewalls are designed to provide access control. Although there is risk associated with any access, by limiting what access is permitted the risk is limited and understood and can be evaluated against business need to effectively justify the risk. However, poor firewall management defeats this purpose by ineffectively controlling access and limiting visibility into what access is actually permitted; poor management also increases the cost associated with security management. The result of poor management is ...