Information Security News mailing list archives
Agencies Will Soon Have a Cyber Hygiene Score -- And Will Know Where They Rank
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 29 Nov 2018 10:23:58 +0000 (UTC)
https://www.nextgov.com/cybersecurity/2018/11/agencies-will-soon-have-cyber-hygiene-scoreand-will-know-where-they-rank/153114/ By Aaron Boyd Senior Editor NextGov November 28, 2018Soon, federal agencies will have a clear idea of how they are doing on basic cybersecurity and be able to compare their posture to other agencies across the government.
The Homeland Security Department's Continuous Diagnostics and Mitigation program, or CDM, is providing agencies with a sophisticated suite of cybersecurity tools. As those tools are put in place, the associated sensors are sending data to a centralized dashboard, giving Homeland Security and agencies a holistic view of cybersecurity throughout the federal enterprise.
Now, Homeland Security is using that data to compile cyber scores using an algorithm called AWARE, which stands for Agency-Wide Adaptive Risk Enumeration. The algorithm measures the existence of known vulnerabilities within an agency's systems -- those that have yet to be patched -- and the baseline configuration settings to give an agency an overall rating on cyber hygiene.
Kevin Cox, CDM program manager at Homeland Security, likened the AWARE score to a credit score but in reverse -- a higher number generally represents a worse cyber posture.
[...] -- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- Agencies Will Soon Have a Cyber Hygiene Score -- And Will Know Where They Rank InfoSec News (Nov 29)