Demystifying and Applying the DHS Continuous Diagnostic Mitigation (CDM) Program for Physical Security. Mark Steffler and Ross Foard
|
|
- Clement Lamb
- 6 years ago
- Views:
Transcription
1 Demystifying and Applying the DHS Continuous Diagnostic Mitigation (CDM) Program for Physical Security Mark Steffler and Ross Foard
2 Mark Steffler VP Government Practice for Quantum Secure, part of HID Global Security Industry Association (SIA) Standards Access Control & Identity Subcommittee Identity and Access Council Steering Committee for Smart Card Alliance Instructor / Presenters Ross Foard Phase 2 Engineer and ICAM SME for DHS NPPD Recipient of ICE Assistant Secretary OCIO Award and DHS Partner Award Over 15 years of Identity and Access Management experience
3 Agenda Introduction to DHS CDM Program CDM Phase 2 Requirements CDM Phase 3 Requirements Mapping the CDM Program to Real World Best Practices How CDM is now incorporating Physical Security for a Comprehensive Program Exploring The Ideal Solution to Incorporate Physical Access Security Q & A
4 Learning Objectives Identify access risks due to legacy processes and Implement a least privilege management approach to securing the enterprise facilities and assets. Compare an organization's current physical access processes and practices against the CDM model and identify gaps and desired target state. Develop a plan, which implements the CDM principals for an organization's unique physical access infrastructure. Create Governance structure to ensure successful implementation
5 US Government Continuous Diagnostics and Mitigation Ross Foard
6 DHS CDM Program The Continuous Diagnostics and Mitigation (CDM) program is a dynamic approach to fortifying the cybersecurity of government networks, systems and facilities. Provides federal departments and agencies with capabilities and tools that identify cybersecurity and facilities risks on an ongoing basis Phased approach, currently in Phase 2 Leverages and reinforces many existing programs including NIST Rev 4 Security and Privacy Controls for Federal Information Systems and Organizations Federal Identity Credential and Access Management Guidance (FICAM) ICAM Privileged User Instruction and Implementation Guidance Today s focus is on CDM's application to physical access management and security and how to converge that with the logical domain for greater awareness and risk management of threats/vulnerabilities.
7 CDM and Related Government Directives CDM Phase 2 CDM Phase 3 Agencies shall adhere to Governmentwide requirements in the deployment and use of identity credentials used by employees and contractors accessing Federal facilities FICAM Circular A-130 Revised OMB M ICAM Privileged User Instruction and Implementation Guidance (2014) Physical access controls systems, which include, for example, servers, databases, workstations and network appliances in either shared or isolated networks, are considered information systems.
8 Privileged User Management
9 FICAM recommends that Logical and Physical Access Control Follow the Same Paradigm Both Physical and Logical Access Controls are held to the Same Standard
10 CDM Core Concepts Dashboard Risk Scoring Threat Awareness Policy Alerting 10
11 CDM Capabilities Phased Delivery Capability: A collection (set) of security controls that work together to achieve an overall security purpose NIST Rev4
12 How Does CDM Phase 1 Work? 6. Report Progress 5. Fix Worst First 1. Install & Update Sensors All Systems Data Currency within 72 Hours 4. Triage and Analyze Results 2. Automated Search for Flaws 3. Collect Results from Departments and Agencies Primary Focus is Network Infrastructure: Routers Firewalls Computers Myriad devices (IoT) Etc.
13 CDM Phase 2 Least Privilege (Access) Management BEHAVE TRUST, BEHAVE, CRED and PRIV Linkage to the User TRUST USER is a generic term that applies to any entity (including non-person entities) that access any resource, physical or logical, in an organization. TRUST is used to validate a person s identity and the degree to which they have been vetted. Requires CRED is a digital representation of a user and binds a type of credential or authentication mechanism to an identity established in TRUST with a level of assurance and is used to grant access (physical and logical). PRIV establishes the privileges associated with the credential and in turn the individual or service PRIV USER Requires CRED BEHAVE identifies that the individual has the proper knowledge and training for the roles they are assigned and that they remain up to date.
14 Phase 3 Feeds the Manage Security Lifecycle Stage Plan for Events Respond to Events Generic Audit/Monitoring Document Requirements, Policy, etc. Quality Management Risk Management Boundary Protection Network, Physical, Virtual
15 Lexicon of Terms/Concepts used in CDM Ab. Term CDM Definition Relevant CDM Example MUR Master User Record Unique Identity record containing all relevant data/attributes on a person MDR MSR Master Device Record Master System Record Unique record for each device on the network containing relevant device data/attributes Unique Record for each (sub) system. One of a number of PACS could each be a system SoS System of Systems This is a system with collects data from other (sub) systems under its control to create a more manageable hierarchy enterprise class architecture PDP Policy Decision Point This is software that determines/assures whether access should be granted to a person based on policy. Record containing: person s name, location, training certifications, type, security check, etc. Record containing: device s name, type of device, last update, f/w or s/w version, etc. Record containing: (sub) system s name, function, last update date, s/w version, attached components, etc. A PACS uber Management System could manage numerous individual PACS under a single system Detect that someone manual assigns access to a person in violation of a given policy (like requiring training to access a facility)
16 CDM Is all about Using COTS Software Architectural boundaries- Zone A: Tools and Sensors Zone B: CMaaS Integration Zone C: Agency Dashboard Zone D: Federal Dashboard Dashboard operates as a Standardization Driver Dashboard Provider focused on Federal Level CMaaS Provider focus for Agency Level CDM Architecture Reflects Commercial Best Fit
17 CDM Road to On-going Assessment and Authorization ISCM as supported by CDM Governance Activities Governance is Distinct from Management Risk Management and Cybersecurity Framework (CSF) Ongoing Assessment and Authorization Tiers 1-4 of the CSF Control Automation Reporting Structure: OU/FISMA Containers Sync Function between Agency/Federal + Modules for Incident Response, Etc. Protecting all assets including data CDM Sensors/Tools and Dashboards
18 Phase 2 Comparing AS-IS State versus Desired State AS IS Ramification Desired Benefit Manual Processes Hard to Audit Common Master User Record Subject (User) Not known across organization Correlation of events across different systems is hard Subject information correlated with Unique ID Ability to automate and normalize information Ability to know the same user wherever access occurs TRUST not defined Difficult to Trust with confidence Trust Level based on defined process The Trust assigned a user is current and accurate BEHAVE not known Uneven security knowledge Required Training completed Ensures Subject understands rules CRED not integrated Various local forms of Identification Utilize a single (PIV) credential Ensure user is as presented PRIV not defined Not sure what authorized to grant Only Authorized Access to high impact systems Reduce attack surface of critical systems
19 Applying CDP Program Principals to Best Practices in Enterprise For Physical Security and Access Mark Steffler
20 CDM Phase 2 and Phase 3 Maps to Best Practices CDM Phase 2 Who is on the Network? FICAM and FISMA Controls OMB Circular A-130 and M Policy and Process Automation Use Cases Common measures across network and facilities Automated on-boarding and off-boarding Strong Authentication utilizing Smart Card Defect Detection and Reporting Streamlined Change in Access Authorizations Privileged Access Management Visitor and Contractor Access Management Risk Management Observe Behavior and Risk Analysis CDM Phase 3 What is happening on the Network? Audit and Defect Identification Policy Refinement
21 CDM Phase 2 - Privileged Physical Access Controls ACP = Access Control Point (door) Entitlements Policy Automation Automatically assigned access to start Heightened Access Process Automation Access Granted by approval Privileged Access Policy & Process Automation Access Earned by credentials (BEHAVE/TRUST) and (multiple) Approvals
22 Mapping the ICAM Enterprise to CDM Phase 2 CRED MUR/PDP BEHAV TRUST PRIV
23 BOUND-P Expands the Functionality beyond Today s Disparate PACS Typically there are many unique PACS instances across an enterprise. How do you scale this across multiple PACS? Need a centralized PACS Privilege Management System that overlays the disparate PACS Physical identity and access management (PIAM) deployments are increasing due to technology and product development, compliance mandates, a greater desire to manage alternative user populations such as on-premises visitors and contractors, and a sharp emphasis on timely and secure access 1
24 BOUND-P - Physical Access Controls for CDM CDM BOUND defines the boundary for what is included and monitored within an enclave of devices/systems BOUND-P: Monitor and Manage Physical Access Controls Authentication (e.g. - credential, identity) Authorization (e.g. - permission to access a given door/facility) PDP (distributes access policy to PEP and validates faithful execution) PEP (PACS endpoint functions grant/deny access at a door) Individual PACS IP Addressable components (head-end and panels) need MDR Enclaves of PACS need MSR to more fully characterize each PACS sub-system BOUND-P Operation Implementation - System of System approach Overarching Centralized PACS Privilege Management Connects to each PACS instance and gathers data to populate MUR, MDR and MSR Reports Phase 1 Device (MDR) Defects Reports Phase 2 Identity (MUR) Defects (CRED, BEHAVE, TRUST, PRIV) 24 Reports BOUND-P (MSR) Defects (policy violations)
25 CDM/ICAM - Bound-P Notional Architecture MUR Provision: Credential (PIV) Access Privileges Policy for PEP (PACS) Retrieve data for defect reporting - Each PACS subsystem metrics - PACS Device Status - Privileged Access activity - User behavior MDR MSR PDP Layer PEP Layer
26 What is your Situation? # Employees 0 1,000 1,000 4,999 5,000 + # PACS/# Doors 2/50 5/200 5+/200+ Security Compliance Low Medium High Audit Risk/Impact Low Medium High Insider Threat Program N/A Minimal Vital (NISPOM 2) Consequences Low Medium High Need for Automation (System of Systems) ROI for Adopting PIAM Manual methods probably OK Consider PIAM System Strong need for PIAM System Low 50% annually >100% annually Good Governance means intentional cooperation between IT security department and physical security department. Create PMO with members from each dept. Collaborate Develop shared vision
27 Wrap-up: Q & A and How to Learn More Ross and Mark are available immediately following this session Come Visit Mark and Ross at the HID Exhibitor Booth # We will be available from 2PM 5PM today to answer questions and provide more information Make an appointment for tomorrow at Booth #11063 with Mark Contact Mark or Ross anytime
28 Appendix
29 Helpful References DHS CDM Program Overview: DHS Continuous Diagnostics and Mitigation (CDM) Training Program website: FICAM Roadmap: dmap_and_implementation_guidance_v2%200_ _0.pdf ICAM Privileged User Instruction and Implementation Guidance: nitaitive_putt%20doc_ pdf NIST Attribute Based Access Control: NIST SP Rev 4 :
30 Glossary of Terms (not previously defined) Term BOUND-P Defect CMaas (F)ICAM OMB M FISMA Definition Monitor and Manage Physical Access Controls Condition under which the current state is not in conformance with policy. Continuous Monitoring as a Service. Essentially the software system, which monitors the network or facilities access (Federal) Identity, Credential and Access Management Office of Management and Budget Memorandum mandating conformance to FICAM for all federl departments and agencies (issued: February 2011) Federal Information Security Management Act 30
31 Example - PACS Defects Report Example of PACS Infrastructure Status versus Approved or Target State
32 FICAM Provisioning Use Cases
How to Plan, Procure & Deploy a PIV-Enabled PACS
How to Plan, Procure & Deploy a PIV-Enabled PACS Educational Institute & Access Control Council Webinar Series Session Three: Establish The Project Scope Introductions Randy Vanderhoof, Secure Technology
More informationFulfilling CDM Phase II with Identity Governance and Provisioning
SOLUTION BRIEF Fulfilling CDM Phase II with Identity Governance and Provisioning SailPoint has been selected as a trusted vendor by the Continuous Diagnostics and Mitigation (CDM) and Continuous Monitoring
More informationContinuous Diagnostics and Mitigation (CDM) Phase II Managing People & Access. Jim Quinn October 28, 2014
Continuous Diagnostics and Mitigation (CDM) Phase II Managing People & Access Jim Quinn October 28, 2014 1 CDM Capabilities Capability: A collection (set) of security controls that work together to achieve
More informationStreamline Physical Identity and Access Management
Streamline Physical Identity and Access Management Quantum Secure s SAFE Software Suite automates key processes and empowers IT teams to implement, streamline and manage physical access Table of Contents
More informationModernizing Cyber Defense: Embracing CDM. Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA
Modernizing Cyber Defense: Embracing CDM Okta Inc. 301 Brannan Street, Suite 300 San Francisco, CA 94107 info@okta.com 1-888-722-7871 The Department of Homeland Security s (DHS) Continuous Diagnostic and
More informationContinuous Diagnostic and Mitigation and Continuous Monitoring as a Service. CMaaS TASK AREAS
Continuous Diagnostic and Mitigation and Continuous Monitoring as a Service CMaaS TASK AREAS CMaaS TASK AREAS The contractor shall provide functional, strategic, and managerial business consulting and
More informationInfor Risk and Compliance for CDM Phase 2: Automate, integrate, manage, and report across your enterprise
Public Sector Infor Risk and Compliance for CDM Phase 2: Automate, integrate, manage, and report across your enterprise Now in its Phase 2 rollout, The Department of Homeland Security (DHS) and General
More informationDRIVING CYBER CAPABILITIES THROUGH RSA ARCHER
DRIVING CYBER CAPABILITIES THROUGH RSA ARCHER on the Department of Homeland Security s Continuous Diagnostics And Mitigation (CDM) Program Presented By Matt House Director, Cybersecurity Services January
More informationSecuring the Future with Physical Identity and Access Management
Securing the Future with Physical Identity and Access Management 1 CONTENTS 03 04 05 06 07 08 10 Introduction Physical Identity and Access Management: Bridging the stakeholder gap Physical Identity and
More informationUNDERSTANDING CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)
ONLINE REPORT SPONSORED BY: CONTRACT GUIDE UNDERSTANDING CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) INSIDE 2 3 4 5 6 WHAT IS CDM AND WHY DO YOU NEED IT? CDM COULD BE A GAME-CHANGER HOW DOES CDM WORK? WITH
More informationDATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES ACCELERATE TIME-TO-VALUE WITH PROFESSIONAL SERVICES FROM RSA IDENTITY ASSURANCE PRACTICE
DATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES ACCELERATE TIME-TO-VALUE WITH PROFESSIONAL SERVICES FROM RSA IDENTITY ASSURANCE PRACTICE EXECUTIVE SUMMARY Managing identities and related risks
More informationContinuous Diagnostics and Mitigation (CDM) and Mobile Security. ATARC Federal Mobile Technology Summit August 30, 2018
Continuous Diagnostics and Mitigation (CDM) and Mobile ATARC Federal Mobile Technology Summit August 30, 2018 Moving to Stronger Risk Management Threat-based Approach Cyber Hygiene Compliance Pre-CDM Risk
More informationVol. 2 Management RFP No. QTA0015THA General Services Administration (GSA) Enterprise Infrastructure Solutions (EIS)
General Services Administration (GSA) Enterprise Infrastructure Solutions (EIS) or more test data sets provided by GSA and demonstrate how we meet the specified BSS acceptance criteria through the test
More informationSOLUTION BRIEF RSA ARCHER PUBLIC SECTOR SOLUTIONS
RSA ARCHER PUBLIC SECTOR SOLUTIONS INTRODUCTION Federal information assurance (IA) professionals face many challenges. A barrage of new requirements and threats, a need for better risk insight, silos imposed
More informationComprehensive Cost and Security Management for C2S Environments
SOLUTION BRIEF Comprehensive Cost and Security Management for C2S Environments Security Highlights CloudTrail Integration Leverage the strength of CloudTrail reporting. CloudCheckr parses the logs for
More informationSAP Road Map for Governance, Risk, and Compliance Solutions
SAP Road Map for Governance, Risk, and Compliance Solutions Q4 2016 Customer Disclaimer The information in this presentation is confidential and proprietary to SAP and may not be disclosed without the
More informationFACE DOWN CYBERTHREATS WITH CDM INSIDE P2 CDM ROLLOUT PRESSURED BY INCREASING THREATS P3 WHAT S NEXT FOR CDM? P4 ALLIANT GWAC USED FOR SOME CDM NEEDS
ONLINE REPORT SPONSORED BY: FACE DOWN CYBERTHREATS WITH CDM INSIDE P2 CDM ROLLOUT PRESSURED BY INCREASING THREATS P3 WHAT S NEXT FOR CDM? P4 ALLIANT GWAC USED FOR SOME CDM NEEDS P5 PHASE 3 REQUIREMENTS
More informationVULNERABILITY MANAGEMENT BUYER S GUIDE
VULNERABILITY MANAGEMENT BUYER S GUIDE VULNERABILITY MANAGEMENT BUYER S GUIDE 01 Introduction 2 02 Key Components 3 03 Other Considerations 10 About Rapid7 11 01 INTRODUCTION Exploiting weaknesses in browsers,
More informationDeveloping Connected Products - What s needed? Driven to enable your success!
Developing Connected Products - What s needed? Driven to enable your success! What s a Connected Product Smart, connected products are products, assets and other things embedded with processors, sensors,
More informationOIC LLC is our Oracle Partner name. It stands for Oracle Independent Consultants (OIC) LLC.
OIC FAQ This document contains some of our Frequently Asked Questions (FAQ). We also include links to Oracle resources, which may require you to log in Oracle Partner Network (OPN). All OIC Contractors
More informationBuying IoT Technology: How to Contract Securely. By Nicholas R. Merker, Partner, Ice Miller LLP
Buying IoT Technology: How to Contract Securely By Nicholas R. Merker, Partner, Ice Miller LLP More and more products are shipping with sensors and network connectivity to capitalize on the currency of
More informationProgram Lifecycle Methodology Version 1.7
Version 1.7 March 30, 2011 REVISION HISTORY VERSION NO. DATE DESCRIPTION AUTHOR 1.0 Initial Draft Hkelley 1.2 10/22/08 Updated with feedback Hkelley 1.3 1/7/2009 Copy edited Kevans 1.4 4/22/2010 Updated
More informationWHITE PAPER RSA RISK FRAMEWORK FOR DYNAMIC WORKFORCE MANAGING RISK IN A COMPLEX & CHANGING WORK ENVIRONMENT
RSA RISK FRAMEWORK FOR DYNAMIC WORKFORCE MANAGING RISK IN A COMPLEX & CHANGING WORK ENVIRONMENT INTRODUCTION Digital Transformation is a journey underway in organizations across the globe. Defined as an
More informationDRAFT ENTERPRISE TECHNICAL REFERENCE FRAMEWORK ETRF WHITE PAPER
DRAFT ENTERPRISE TECHNICAL REFERENCE FRAMEWORK ETRF WHITE PAPER CONTENTS CONTENTS... 0 INTRODUCTION... 1 VISION AND OBJECTIVES... 1 ARCHITECTURE GUIDING PRINCIPLES... 1 ENTERPRISE TECHNICAL REFERENCE FRAMEWORK
More informationCDM DEFEND. Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Industry Day May 15, 2017
Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) CDM DEFEND Industry Day May 15, 2017 2 Agenda Introductions Administrative Announcements CDM
More informationIdentity and Access Management. Program Primer
Identity and Access Program Primer Executive Summary The role of identity in the modern enterprise has been steadily growing in importance over the last decade. As the enterprise technology stack continues
More informationFederal Identity, Credential, and Access Management Trust Framework Solutions. Overview
1 2 3 4 5 6 Federal Identity, Credential, and Access Management Trust Framework Solutions 7 8 Overview 9 10 11 12 13 14 15 16 17 18 19 Version 1.0.0 DRAFT: 11/11/13 Questions? Contact the FICAM TFS Program
More informationKNIGHT POINT S NETWORK MANAGED SERVICES DELIVERING COMMUNICATIONS AS A SERVICE TO THE FEDERAL GOVERNMENT
KNIGHT POINT S NETWORK MANAGED SERVICES DELIVERING COMMUNICATIONS AS A SERVICE TO THE FEDERAL GOVERNMENT Background: A Changing Environment Current trends in government and industry are driving dramatic
More informationVULNERABILITY MANAGEMENT BUYER S GUIDE
VULNERABILITY MANAGEMENT BUYER S GUIDE CONTENTS Introduction 2 Key Components 3 Other Considerations 11 About Rapid7 12 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems, and other third-party
More informationEnsuring Organizational & Enterprise Resiliency with Third Parties
Ensuring Organizational & Enterprise Resiliency with Third Parties Geno Pandolfi Tuesday, May 17, 2016 Room 7&8 (1:30-2:15 PM) Session Review Objectives Approaches to Third Party Risk Management Core Concepts
More informationHID SAFE Enterprise. Enterprise Class Physical Identity and Access Management Solution
HID SAFE Enterprise Enterprise Class Physical Identity and Access Management Solution Reduce the costs and risks in managing physical access of your employees, contractors, tenants and visitors. HID SAFE
More informationInternal Controls. Presented by Donna Maskil-Thompson SPP RE Workshop 03/15/2016. Property of KC Board of Public Utilities - PUBLIC
Internal Controls Presented by Donna Maskil-Thompson SPP RE Workshop 03/15/2016 Property of KC Board of Public Utilities - PUBLIC - 2016 1 Internal Controls The policies, procedures, practices and organizational
More informationSecurely Enabling the Enterprise of Things
Securely Enabling the Enterprise of Things Trust in BlackBerry Almost every product in Blackberry s bag of tricks directly or by extension is addressing the challenges of managing a diverse set of IoT
More informationHID SAFE for Aviation
HID SAFE for Aviation A Modern Enterprise Identity Management Software Suite CROSS AIRPORT DEPARTMENTS Role-based Users Authorized Signatories Aviation Security SOC/Comms Finance Ticketing/Violations
More informationReal Time Enterprise
Association for Enterprise Integration Enterprise Integration Expo 2003 eptember 24, 2003 Collaborative Identity Management Real Time Enterprise aundra Throneberry, CIO trategy, Technology & tandards EAB
More informationAn Introduction to Oracle Identity Management. An Oracle White Paper June 2008
An Introduction to Oracle Identity Management An Oracle White Paper June 2008 An Introduction to Oracle Identity Management INTRODUCTION Oracle Identity Management's best-in-class suite of identity management
More information2013 LS3, Incorporated.
HSPD-12/PIV Credential Solution Migration Planning When considering management and technical challenges associated with migrating from one service provider to another within solution lifecycles, there
More informationThe innovation engine for the digitized world The New Style of IT
The innovation engine for the digitized world The New Style of IT New Style of IT supported by HP Software bernd.ludwig@hpe.com Copyright 2015 Hewlett-Packard Development Company, L.P. The information
More informationSOA Health, Governance and Security
SOA Health, Governance and Security Ross Moodley SOA Leader IBM Global Business Services Australia/New Zealand Vinod Ralh SOA Architecture Leader IBM Software Group Australia/New Zealand IBM has harvested
More informationSECTION 2 DESCRIPTION / SPECIFICATIONS / STATEMENT OF WORK
SECTION 2 DESCRIPTION / SPECIFICATIONS / STATEMENT OF WORK 2.1 BACKGROUND The Department of Homeland Security (DHS) has responsibility for overseeing and assisting Government-wide and agency-specific efforts
More informationEhi Ethical Hacking and Countermeasures Version 6. Security Convergence
Ehi Ethical Hacking and Countermeasures Version 6 Module LXVI Security Convergence Module Objective This module with familiarize you with: Security Convergence Challenges on Security Convergence RAMCAP
More informationETLS Validation & Verification University of St. Thomas. John Engelman Fall 2016
ETLS 509 - Validation & Verification University of St. Thomas John Engelman Fall 2016 ETLS 509 - Session 3 Review Validation process Verification process Example verification matrix (a small portion) Boeing
More informationAPI 360: The Complete API Strategy Model for the Enterprise
API 360: The Complete API Strategy Model for the Enterprise Enabling Growth With APIs Growing your enterprise is an ongoing priority. And, as the Successfully executing a digital strategy requires the
More informationAuditing Identity & Access Management: Addressing the Root Causes
Auditing Identity & Access Management: Addressing the Root Causes HCCA Compliance Institute April 18, 2018 Johan Lidros CISA, CISM, CGEIT, CRISC, HITRUST CCSFP, ITIL-F President Eminere Group Table of
More informationSecure Data Services and API Management: Critical for Success in the Digital Economy
Secure Data Services and API Management: Critical for Success in the Digital Economy Greg Hoelzer Sr. Application Platform Solutions Architect September 21st, 2016 1 EMERGING OPPORTUNITIES How do you plan
More informationModernization and Migration Management (M3) Playbook GSA, Unified Shared Services Management
Modernization and Migration Management (M3) Playbook GSA, Unified Shared Services Management Introduction How to Read an Activity Description Objective: Provides the overall objective of the activity :
More informationSmart e-government Services for Citizens and Enterprises. Margarete Donovang-Kuhlisch, Government Industry Technical Leader, Europe
Smart e-government Services for Citizens and Enterprises Margarete Donovang-Kuhlisch, Government Industry Technical Leader, Europe mdk@de.ibm.com Agenda Smart Government Context Smarter Planet A Definition
More informationCertified Identity Governance Expert (CIGE) Overview & Curriculum
Overview Identity and Access Governance (IAG) provides the link between Identity and Access Management (IAM) rules and the policies within a company to protect systems and data from unauthorized access,
More informationIntegrating People, Processes and Information
Integrating People, Processes and Information ArchestrA System Platform Your Industrial Operating System In today s challenging times, you need to drive more performance from your assets, collaborate better
More informationInteragency Advisory Board Meeting Agenda, May 27, 2010
Interagency Advisory Board Meeting Agenda, May 27, 2010 1. Opening Remarks 2. PIV-I Status (Judy Spencer, GSA) 3. PIV Test Requirements (Dave Temoshok, GSA) 4. ICAM Progress at USDA (Owen Unangst, USDA)
More informationServiceNow Order Form Product and Use Definitions
SERVICENOW USE AUTHORIZATION Order Number 06915JF UC1 ServiceNow, Inc. 3260 Jay Street Santa Clara, CA 95054 End Customer Address: Reseller: Company Name Address Suite City State/Province Zip/Postal Code
More informationIBM Data Security Services for activity compliance monitoring and reporting log analysis management
Improving your compliance posture and reducing risk through log analysis management IBM Data Security Services for activity compliance monitoring and reporting log analysis management Highlights Provide
More informationPORTFOLIO AND TECHNOLOGY DIRECTION ARMISTEAD SAPP & RANDY GUARD
PORTFOLIO AND TECHNOLOGY DIRECTION ARMISTEAD SAPP & RANDY GUARD FOCUS MARKETS SAS Addressable Market Size $US Billions $14.7 2015 2019 $10.6 $9.6 $7.0 $7.9 $5.0 $2.6 $3.7 $5.7 $4.4 $3.0 $4.2 BUSINESS INTELLIGENCE
More informationSecurity overview. 2. Physical security
1. Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the cloud. Security
More informationIdentity & Access Management Unlocking the Business Value
Identity & Management Unlocking the Business Value Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Unlocking the Value of Identity and Management Defining the IAM challenge
More informationDEFENSE ACQUISITION UNIVERSITY ISA 101 BASIC INFORMATION SYSTEM ACQUISITION
1 Identify applicable United States laws, federal regulations and DoD directives that govern management of IT/SW systems. Identify key statutes related to the acquisition of Information Technology (IT)
More informationNiagara Update N4 & Niagara Analytics. January 19, 2018 The Langham Luxury Hotel, Chicago, IL
Niagara Update N4 & Niagara Analytics January 19, 2018 The Langham Luxury Hotel, Chicago, IL Agenda Niagara 4 Product Updates Access and Security Product Updates Niagara Cloud Niagara Analytics Estimating
More informationTECHNOLOGY AND AUDIT: A MUTUAL FUTURE THERESA GRAFENSTINE CHAIR, ISACA BOARD OF DIRECTORS 2/15/2018
TECHNOLOGY AND AUDIT: A MUTUAL FUTURE THERESA GRAFENSTINE CHAIR, ISACA BOARD OF DIRECTORS 2/15/2018 1 AGENDA THE AUDIT LANDSCAPE PROCESSES AND TRENDS CHANGES LOOKING FORWARD AUDIT OF THE FUTURE ENTERPRISE
More informationAutomating the Defense: Really Taking Advantage of Automated Sharing
Automating the Defense: Really Taking Advantage of Automated Sharing Michael Vermilye The Johns Hopkins University Applied Physics Laboratory 2017 by The Johns Hopkins Applied Physics Laboratory. Material
More informationThe CipherTrust Cloud Key Manager for Software-as-a-service
Enterprise Strategy Group Getting to the bigger truth. Solution Showcase The CipherTrust Cloud Key Manager for Software-as-a-service Date: December 2017 Author: Doug Cahill, Senior Analyst; and Leah Matuson,
More informationLIST OF TABLES. Table Applicable BSS RMF Documents...3. Table BSS Component Service Requirements... 13
General Services Administration NS2020 Enterprise Infrastructure Solutions EIS RFP #QTA0015THA3003 Volume 2: Management BSS Risk Management Framework Plan LIST OF TABLES Table 8.2-1. Applicable BSS RMF
More information2017 North American Physical Security Intelligence Solutions Company of the Year Award
2017 North American Physical Security Intelligence Solutions Company of the Year Award 2017 NORTH AMERICAN PHYSICAL SECURITY INTELLIGENCE SOLUTIONS COMPANY OF THE YEAR AWARD Contents Background and Company
More informationDelivering Business Results for Connected Industrial Systems
Delivering Business Results for Connected Industrial Systems Start Faster. Go Further. A Our Customers A Solution Outcomes Industrial Thing Makers ü Healthcare ü Heavy Equipment ü Oil & Energy ü Fleet
More informationDigital Manufacturing Services
Digital Manufacturing Services Helping to steer your digital transformation journey to smart, connected products and plants, while keeping your mobility, connectivity, analytics and cloud solutions inherently
More informationSmart Solutions with Connected Manufacturing. Chet Namboodri Managing Director Global Manufacturing Industry Cisco Systems, Inc.
Smart Solutions with Connected Manufacturing Chet Namboodri Managing Director Global Manufacturing Industry Cisco Systems, Inc. Agenda Manufacturing Industry Business Drivers Business Value of IoE with
More informationSCRM for CDM Products
SCRM for CDM Products CDM Tools Approved Products List (APL) Supply Chain Risk Management Plan Overview Briefing for CISQ Cyber Resilience Summit October 19, 2017 Continuous Diagnostics and Mitigation
More informationThe Anatomy and Lifecycle of a Metric
A metric is the expression of the state and/or quality of a critical aspect of your IT and security infrastructure and is the basis for directing investments to areas of high risk, as well as a forum for
More informationBIGFIX. Maintaining Continuous Compliance with BigFix. Executive Summary
Maintaining Continuous Compliance with BigFix Executive Summary Meeting regulatory and internal compliance guidelines is a de facto standard practice for IT operations and IT security teams in public and
More informationApplication Performance Management Advanced for Software as a Service
Application Delivery Management Application Performance Management Advanced for Software as a Service Micro Focus Application Performance Management (APM) Advanced for Software as a Service (SaaS) is an
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Hardward Device Hardware Device Inventory provides the Enterprise with the methods and schema necessary to identify
More informationANNEX 2 Security Management Plan
ANNEX 2 Page 1 of 24 The following pages define our draft security management plan (a complete and up to date shall be submitted to The Authority within 20 days of contract award as per Schedule 2.4, para
More informationEnabling a Comprehensive Platform for BCMP that integrates People, Process and Technology
Enabling a Comprehensive Platform for BCMP that integrates People, Process and Technology TM Overview Perpetuuiti provides an intelligent, end-to-end automated approach towards Business Continuity Planning
More informationENABLE DIGITAL - % COMPLETE ENGAGED WORKFORCE - % COMPLETE
Each commitment listed below consists of one or more projects, and has at least one performance measure. Every year, targets are established to track progress towards the measure(s). The status shown on
More informationFULL SPEED AHEAD THE IXIA CHANNEL XCELERATE PROGRAM NORTH AMERICA
FULL SPEED AHEAD THE IIA CHANNEL CELERATE PROGRAM NORTH AMERICA Keysight 1998-2016 Technologies, Ixia All Rights 2017 Reserved. Be Part of the Momentum... Nothing beats playing on a winning team. Joining
More informationDelivering Governed Self-Service BI across the Enterprise
Delivering Governed Self-Service BI across the Enterprise 1 TABLE OF CONTENTS Introduction... 3 Key Self-Service BI Governance Capabilities... 4 Top 10 Success Factor Features... 4 Self-Service Governance
More informationSrinivasan Sundara Rajan MASTER Architect / Cloud Evangelist / Cloud Computing Journal Author
Architecting The Cloud Srinivasan Sundara Rajan MASTER Architect / Cloud Evangelist / Cloud Computing Journal Author Cloud Definition Definition Cloud Computing is a model for enabling convenient, on-demand
More informationSystems Engineering: The Glue that Binds Disparate Acquisition Organizations
Systems Engineering: The Glue that Binds Disparate Acquisition Organizations Thomas H. Holzer, D.Sc. 1 May 2008 SSTC 2008 Thomas.h.holzer@nga.mil 1 Topics The Situation The Ways Forward The Benefits 2
More informationRecommendation: Directory Services Architecture and Future IAM Governance Model
Recommendation: Directory Services Architecture and Future IAM Governance Model I. EXECUTIVE SUMMARY Identity and access management (IAM) is a broad administrative function that identifies individuals
More informationRSA Identity Management & Governance
RSA Identity Management & Governance 1 RSA IAM Enabling trusted interactions between identities and information Access Platform Authentication Federation/SSO Employees/Partners/Customers Identity Intelligence
More informationFederal Segment Architecture Methodology Overview
Federal Segment Architecture Methodology Background In January 2008, the Federal Segment Architecture Working Group (FSAWG) was formed as a sub-team of the Federal CIO Council s Architecture and Infrastructure
More informationCertified Information Professional 2016 Update Outline
Certified Information Professional 2016 Update Outline Introduction The 2016 revision to the Certified Information Professional certification helps IT and information professionals demonstrate their ability
More informationEMEA USERS CONFERENCE BERLIN, GERMANY. Copyright 2016 OSIsoft, LLC
Continuing the Journey to Operational Intelligence Process Industries Presented by Perry Zalevsky Industry Principal, OSIsoft Agenda Conference Theme and Keywords Welcome Safety Overview of the Day Operational
More informationWhite Paper. 3 Steps to Effectively Manage the Plant Floor Network
White Paper May 2016 WP-26 3 Steps to Effectively Manage the Plant Floor Network Introduction The manufacturing plant floor is a complex environment with plenty of physical resources to measure and manage,
More informationΑππλιχατιονσ βασεδ ον Σουρχε οφ Αππλιχατιον
Applications based on Nature of Processing This is the way an application updates data, say in batch processing, there is a time delay in occurrence and recording of transaction. On the other hand in online
More informationWhite Paper Describing the BI journey
Describing the BI journey The DXC Technology Business Intelligence (BI) Maturity Model Table of contents A winning formula for BI success Stage 1: Running the business Stage 2: Measuring and monitoring
More informationCHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION
E VA L U AT ION C HE C K L I S T CHOOSE THE RIGHT IDENTITY & ACCESS MANAGEMENT SOLUTION Realise business value by protecting critical assets from unauthorised access HELPING YOU TO SECURE AN EXTENDED ENTERPRISE
More informationIdentity and Access Management
Chapter 2 Identity and Access Management There are many configurations of identity and access management (IAM) systems, and to some extent, each organization s IAM system will be unique, developed and
More informationThe Path to Creating and Sustaining Value. The Scorecard. for Selecting, Managing & Leveraging your Services Team:
The Path to Creating and Sustaining Value The Scorecard for Selecting, Managing & Leveraging your Services Team: This presentation is only for the private consumption of ISC Session attendees. Any other
More informationTRIOLE. Beyond Platforms: Navigating towards better IT optimization, the Fujitsu way. Stephen Price General Manager, Services
TRIOLE Beyond Platforms: Navigating towards better IT optimization, the Fujitsu way. Stephen Price General Manager, Services All Rights Reserved. Fujitsu Hong Kong Limited 2005 Agenda Business Challenges
More informationIDENTITY AND ACCESS MANAGEMENT PROJECT QUALITY ASSURANCE REPORT #1
IDENTITY AND ACCESS MANAGEMENT PROJECT QUALITY ASSURANCE REPORT #1 APRIL 30, 2017 May 9, 2017 Heidi Geathers, Deputy Chief Information Officer Washington Technology Solutions 1500 Jefferson Building Olympia
More informationHP Agile Manager. Key Benefits. At a glance. Project Management. Key Software Capabilities. Administration. Enterprise SaaS.
Datasheet HP Agile Manager At a glance HP Agile Manager ( AGM ) is an on-demand Software-as-a-Service (SaaS) solution for Agile Project Management. HP Agile Manager software acts as the communication hub
More informationAchieve Operational Efficiency in Car Manufacturing with Advanced Analytics
Achieve Operational Efficiency in Car Manufacturing with Advanced Analytics Dr. Sebastian Schmerl Solution Manager Cyber Defense for Production and IoT Philipp Drieger Sr. Sales Engineer SME BA IoT ML
More informationIBM Resilient Incident Response Platform On Cloud
IBM Terms of Use SaaS Specific Offering Terms IBM Resilient Incident Response Platform On Cloud The Terms of Use ( ToU ) is composed of this IBM Terms of Use - SaaS Specific Offering Terms ( SaaS Specific
More informationVol. 1 Technical RFP No. QTA0015THA
2.1.15 Service Related Equipment [C.2.10, Section D] 2.1.15.1 Compliance with Evaluation Criteria [L.29.2.1] The MetTel SRE solution fulfills the mandatory service requirements for SRE contained in SOW
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to build and operate security operations centers (SOC) of any size (large, med,
More informationHow to Get the Most Out of Your Guidewire Platform With Shared Services
POINT OF VIEW INSURANCE APPLICATION SERVICES How to Get the Most Out of Your Guidewire Platform With Shared Services APRIL 2018 2018 NTT DATA, Inc. All rights reserved. NTT DATA Services Point of View
More informationEntrust Solutions for epassport Issuance & Validation Kumar Vankalapati, Entrust
Entrust Solutions for epassport Issuance & Validation Kumar Vankalapati, Entrust 2013 MRTD Symposium 1 22-24 October, 2013 emrtd Why electronic ID documents? Strong Binding of document to Identity Mitigate
More informationSarbanes-Oxley Compliance Kit
Kit February 2018 This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery
More informationPRO: Designing and Developing Microsoft SharePoint Server 2010 Applications
PRO: Designing and Developing Microsoft SharePoint Server 2010 Applications 10232; 5 Days, Instructor-led Course Description This five-day instructor-led course is intended for SharePoint Development professionals
More information