The State Department is at the forefront of federal efforts to develop continuous monitoring capabilities for computer networks.
New software being used by the State Department to assess security weaknesses is helping improve real-time awareness of vulnerabilities, according to a Government Accountability Office report on information security.
“Cyber-based threats to federal IT systems and infrastructure are evolving and growing and come from a variety of sources including foreign nations, criminals, terrorists, and disgruntled insiders,” GAO states.
The State Department uses a custom-made program called iPost that pulls data from a variety of monitoring and diagnostic scanning tools. iPost provides continuous monitoring of State Department IT assets, including tens of thousands of workstations and servers domestically and overseas. The data is compiled and reformatted and populated into the iPost database in the form of readable charts and reports that provide an overview of the current status of hosts of a site and network activity. The program also provides ratings for vulnerabilities and weaknesses.
GAOs review of iPost’s effectiveness came from interviews and surveys with department officials and analysis of iPost data.The State Department has been at the forefront of federal efforts to develop continuous monitoring capabilities, the report says.
Overall, iPost does a good job identifying and prioritizing vulnerabilities, GAO wrote, however, it notes several areas the State Department could focus on to improve the program. iPost addresses Windows hosts, but not other IT assets like routers, for example. Additionally, the 10 areas systems are scored in don’t include all system controls designed and used by the State Department to reduce risk. It also notes that scores don’t necessarily show the likelihood of a threat occurrence. GAO also suggested naming specific people responsible for monitoring iPost information.
“iPost provides several benefits in terms of providing more extensive and timely information on vulnerabilities, while also creating an environment where officials are motivated to fix vulnerabilities based on department priorities,” the report says. As the State Department develops iPost, GAO recommends the State Department clearly identify individuals in charge of monitoring in addition to developing procedures for validating data, and implementing a formal continous monitoring strategy.
To read the complete report click here .
photo by the U.S. Government's East Asia and Pacific Media Hub