Page 1: FNS FY11 Highlights - Homeland Security

[Figure: FY10 and FY11 charts on a 0-100 scale, showing 62.1 for FY10 and 73.9 for FY11]

Cybersecurity Performance Management (CPM)

• Formulated the FY10 Annual FISMA Congressional Report

• Developed and distributed FY11 FISMA reporting guidance and metrics for federal civilian agencies

• Distributed FISMA results to Federal Executive Branch Agency CIOs/CISOs

• Completed 7 agency CyberStat Reviews and 17 CIO/CISO Interviews

• Completed enterprise-wide analysis of CIO/CISO Interview and CyberScope data

Requirements & Acquisition Support (RAS)

• SAIR Tier 1 BPA netted over $78 Million in cost avoidance in FY11; over $85 Million in total cost avoidance to date

• In collaboration with GSA, awarded 14 BPAs for Risk Management Framework services

• Established HHS and SPAWAR as RMF SSCs

• Co-authored the CAESARS Reference Architecture Framework Extension

Compliance & Assurance Program (CAP)

• Completed 18 TICAP agency and 4 MTIPS vendor CCVs

• Initiated RVA and Insider Threat Programs, including a Pilot Assessment with the Federal Aviation Administration (FAA)

• Generated weekly DNSSEC validation scans of the federal enterprise, formalized DNSSEC validation reports, and assisted the DNSSEC Tiger Team

• Defined and executed formal program management process across the organization, resulting in more efficient day-to-day operations

Network & Infrastructure Security (N&IS)

• Published the TIC Reference Architecture v2.0 and the TIC 2.0 Implementation Plan

• Engaged with TIC community via two TIC POA&M data calls and two TIC Working Groups

• Published the WLAN, DNS Infrastructure, and CAESARS Reference Architectures

• Launched the Telework/Remote Access, eMail Gateway, and CSATS Reference Architectures

• Supported Government Cloud Computing Efforts (including GSA’s FedRAMP and the EU-US Cloud Computing Technical Seminar in Brussels)

Security Management (SM)

• Planned and executed 2011 Federal Cybersecurity Conference and Workshop and the Continuous Monitoring Track for the 2011 NIST IT Security Automation Conference

• Developed and finalized the Security Management Maturity Questionnaire (SMMQ)

• Managed FNS www.dhs.gov website and created OMB Max Portal instances for the FNS-led CISO Advisory Councils

• Conducted RMM pilot assessments with two federal agencies to improve visibility of cyber resiliency

Project Management Office (PMO)

• Formalized FNS 5-year Strategy, including: the FNS Strategy Map, the FNS Balanced Scorecard, and the FY11 Project Portfolio

• Executed FY11 FNS Budget with a 99.6% obligation rate and prepared FY13-15 FNS Budget Justification. Aligned all Budget Models with FNS Strategy Map and Project Portfolio

• Developed FNS Staffing Plan and Organizational Development Plan, and aligned them with the NICE Initiative

• Developed FISM approval and publication process. Released FISM 11-01 (TIC 2.0 Architecture) and FISM 11-02 (FISMA reporting instructions for 2011)

• Increased overall FISMA capabilities from 62.1% in FY10 to 73.9% in FY11

• Established Large and Small Agency CISO Advisory Councils

• Established cybersecurity awards program and recognized top 2 agencies for increased cyber posture

• Drove improvement on 13 out of the 15 FISMA Key Security Metric Capabilities from FY10 to FY11

• Portable device encryption across agencies increased from 54% in FY10 to 83% in FY11

• Government-Wide Continuous Monitoring compliance averages increased from 56.3% in FY10 to 78.3% in FY11

• Improved DNSSEC compliance from 35% in FY10 to 65% in FY11

• Improved email validation technology compliance from 46% to 58%

• Improved 2-factor logical access (HSPD-12) compliance from 55% to 66%

• Improved TIC v1 capabilities compliance from 60% to 72% and TIC traffic consolidation compliance from 48% to 65%

FNS FY11 Highlights

Federal Cybersecurity Posture
