[Figure: two gauges on a 0 to 100 scale. FY10: 62.1; FY11: 73.9]
Cybersecurity Performance Management (CPM)
• Formulated the FY10 Annual FISMA Congressional Report
• Developed and distributed FY11 FISMA reporting guidance and metrics for federal civilian agencies
• Distributed FISMA results to Federal Executive Branch Agency CIOs/CISOs
• Completed 7 agency CyberStat Reviews and 17 CIO/CISO Interviews
• Completed enterprise-wide analysis of CIO/CISO Interview and CyberScope data
Requirements & Acquisition Support (RAS)
• SAIR Tier 1 BPA netted over $78 Million in cost avoidance in FY11; over $85 Million in total cost avoidance to date
• In collaboration with GSA, awarded 14 BPAs for Risk Management Framework services
• Established HHS and SPAWAR as RMF SSCs
• Co-authored the CAESARS Reference Architecture Framework Extension
Compliance & Assurance Program (CAP)
• Completed 18 TICAP agency and 4 MTIPS vendor CCVs
• Initiated RVA and Insider Threat Programs, including a Pilot Assessment with the Federal Aviation Administration (FAA)
• Generated weekly DNSSEC validation scans of the federal enterprise, formalized DNSSEC validation reports, and assisted the DNSSEC Tiger Team
• Defined and executed formal program management process across the organization; resulting in more efficient day-to-day operations
Network & Infrastructure Security (N&IS)
• Published the TIC Reference Architecture v2.0 and the TIC 2.0 Implementation Plan
• Engaged with TIC community via two TIC POA&M data calls and two TIC Working Groups
• Published the WLAN, DNS Infrastructure, and CAESARS Reference Architectures
• Launched the Telework/Remote Access, eMail Gateway, and CSATS Reference Architectures
• Supported Government Cloud Computing Efforts (including GSA’s FedRamp and the EU-US Cloud Computing Technical Seminar in Brussels)
Security Management (SM)
• Planned and executed 2011 Federal Cybersecurity Conference and Workshop and the Continuous Monitoring Track for the 2011 NIST IT Security Automation Conference
• Developed and finalized the Security Management Maturity Questionnaire (SMMQ)
• Managed FNS www.dhs.gov website and created OMB Max Portal instances for the FNS led CISO Advisory Councils
• Conducted RMM pilot assessments with two federal agencies to improve visibility of cyber resiliency
Project Management Office (PMO)
• Formalized FNS 5-year Strategy, including: the FNS Strategy Map, the FNS Balanced Scorecard, and the FY11 Project Portfolio
• Executed FY11 FNS Budget with a 99.6% obligation rate and prepared FY13-15 FNS Budget Justification. Aligned all Budget Models with FNS Strategy Map and Project Portfolio
• Developed FNS Staffing Plan and Organizational Development Plan; and aligned them with the NICE Initiative
• Developed FISM approval and publication process. Released FISM 11-01 (TIC 2.0 Architecture) and FISM 11-02 (FISMA reporting instructions for 2011)
• Increased overall FISMA capabilities from 62.1% in FY10 to 73.9% in FY11
• Established Large and Small Agency CISO Advisory Councils
• Established cybersecurity awards program and recognized top 2 agencies for increased cyber posture
• Drove improvement on 13 out of the 15 FISMA Key Security Metric Capabilities from FY10 to FY11
• Portable device encryption across agencies increased from 54% in FY10 to 83% in FY11
• Government-Wide Continuous Monitoring compliance averages increased from 56.3% in FY10 to 78.3% in FY11
• Improved DNSSEC compliance from 35% in FY10 to 65% in FY11
• Improved email validation technology compliance from 46% to 58%
• Improved 2 factor logical access (HSPD-12) compliance from 55% to 66%
• Improved TIC v1 capabilities compliance from 60% to 72% and TIC traffic consolidation compliance from 48% to 65%
FNS FY11 Highlights
Federal Cybersecurity Posture