The Department of Commerce (DOC) is required to implement an Information Security Continuous Monitoring (ISCM) Program as mandated by Office of Management and Budget (OMB) Memorandum 14-03. The memorandum requires Federal agencies to manage information security risk on an ongoing basis. This document provides a high-level, DOC-wide strategic plan for maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. This ongoing awareness is known as information security continuous monitoring, or ISCM. The strategic plan promotes informed and actionable risk management decisions; empowers leaders and improves organizational accountability; and simplifies regulatory compliance through integrated …
• Identifying the automation and capabilities needed to support ISCM;
• Explaining how to leverage the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program and supporting contract acquisition vehicle to implement continuous monitoring capabilities, and;
• Establishing metrics for evaluating the effectiveness of the program.
3. BACKGROUND
The Federal government is moving to continuous monitoring to improve the security posture of government agencies by maintaining an ongoing awareness of threats and vulnerabilities to support near-real-time risk management decisions. Requirements and guidance for implementing continuous monitoring can be found in the Cross-Agency Priority (CAP) goals, Office of Management and Budget Memorandum 14-03, NIST SP 800-137, and other publications listed in the Applicable Laws and Guidance section of this document. The following paragraphs provide an overview of these
1. Develop and maintain an ISCM strategy consistent with existing statutes, OMB policy, NIST guidelines and the CONOPS; and establish an ISCM program that provides a clear understanding of organizational risk, helps prioritize and manage risk consistently, and addresses how the agency will conduct ongoing authorization of information systems and environments.
2. Establish plans, in coordination with the DHS, to implement the ISCM program.
3. Standardize the ISCM solution to the extent possible and deploy enterprise ISCM products and services, instead of disparate services across DOC.
4. Establish plans to migrate to the General Services Administration (GSA) Blanket Purchase Agreement (BPA) to acquire ISCM products and services.
5. Submit specified security-related information to the Federal ISCM dashboard.
6. Evaluate and upgrade information systems and deploy new products and dashboards to support ISCM and the need to submit security-related information to DHS and
Troy co-authored the JRIMS Joint Mission Needs Statement, Homeland Security Enterprise – Information Sharing with the United States Coast Guard, representing CBP. This document was submitted to the Joint Requirements Council (JRC), adjudicated, and is awaiting validation. Additionally, Troy has been the Action Officer/Representative for CBP on activities to technically and operationally demonstrate Integrated Maritime Domain Enterprise – Operations and Intelligence Data Node system capabilities in the Air and Marine Operations Center (AMOC)’s Air and Marine Operations Surveillance System (AMOSS).
Another step involves assessing the security controls once they are implemented and describing the threat at the agency level to business operations or the mission. It similarly entails authorizing the information system to operate and, lastly, continuously monitoring the security controls. FISMA and NIST's standards are aimed at giving agencies the means to achieve their identified missions with security commensurate with the threat (United States Department of Agriculture, 2015). Together with guidance from the Office of Management and Budget (OMB), FISMA and NIST create a framework for building and maturing an information security program (SecureIT, 2008). Such a framework includes control descriptions and evaluation, program development, and system certification and accreditation. The final objective is to carry out the daily operations of the agency and achieve the agency's stated objectives with security commensurate with risk.
The OIG 2011 FISMA Assessment indicates that “FISMA Section 3544 requires establishing policies and procedures to ensure information security is addressed throughout the life cycle of each agency information system” (VA Office of Inspector General, 2012, p. 9). Because the SDLC and change-control processes were applied inconsistently, major security risks may go unnoticed.
In the persuasive commentary “Curfew: A National Debate,” Barbara Bey argues that curfews are a bad idea. According to the author, “Curfews are one of many misguided anti-crime strategies” (474). Basically, Bey is saying that when a curfew is imposed, the government cannot fight criminals. I disagree with that because curfews will help the government fight criminals.
Both Security Management and Prevention are categories that should be included in any review or audit of IT systems. Security Management reviews how security is managed from the top down, identifying whether and how management supports the ISMS program. The overall management of the company and how services are provided are essential. Prevention looks at the performance and maintenance of IT systems and the reporting of those processes. It is extremely important to include both categories in the ISMS process and in any review of it.
The U.S. economic downturn also played a major role in our security selections. Due to these recent attacks and the impact they have had on our system, we will analyze our disaster readiness level, national security index, and budget. A detailed review of the security policies, procedures, rationale, and changes that were in place prior to the attack will be performed. This evaluation of our security decisions will then be adjusted and reapplied to the control set in order to improve our security and national security index. After reviewing current security procedures, recommendations will be given to maximize the security posture and performance during round three.
Mr. Justin Landes worked with his team of Enterprise Management Systems (EMS) administrators through a successful Command Cyber Readiness Inspection (CCRI). Thanks to Mr. Landes’ superb work ethic, dedication, organizational skills, and technical abilities, he was able to take on the challenge of raising the overall compliance score from less than 50% to an exceptional 85.6%. This score ranked among the top 3% in the Army.
Looking at recommendations I would make, it’s important that management first recognize the function of cybersecurity in their overall business structure. They must maintain ongoing interactions
Sedition Act of 1918: On May 16, 1918, the U.S. Congress passed the Sedition Act, a piece of legislation designed to protect America’s participation in World War I.
Propaganda is information given to society to manipulate its opinion. In George Orwell’s book Animal Farm, propaganda was widely used throughout the pigs’ takeover of the farm. The pigs use propaganda to control the animals and impose what the pigs think is a utopian life. One example is the slogan “Four legs good, two legs bad,” which was a twist on the Seven Commandments. Another example is how Squealer acted as spokesman for Napoleon and what he did to change the minds of the majority of the animals.
My past roles with the Army, USPTO, SOCOM and US Coast Guard have provided me with the expert knowledge to interpret and translate the laws and regulations addressing information technology management and security. More specifically, as the Chief Information Security Officer (CISO) for the Army Materiel Command (AMC), I was the authoritative source for interpreting all security regulations for the command and served as the Senior Technical Advisor to the CIO on all Federal, DOD and Army regulations on information technology. On many occasions, I provided rulings and risk analysis on major mission applications when new regulations caused non-compliance, or on new applications currently in development in which contract modification caused significant
The CREDMGMT program benefits participating agencies by helping to identify security issues so that agencies can develop better remediation strategies and priorities for their computing ecosystem. The CREDMGMT Solution enables continuous monitoring and diagnostics in support of mitigation activities designed to strengthen the security posture of Federal civilian .gov networks.
Without a doubt, cybersecurity is one of the biggest threats the DHS faces. As technology evolves, this threat will continue to grow. What is the department doing about it? A cyber-attack, if carried out properly, could cause serious damage to our critical infrastructure. This is something that must be protected! The first step is to protect our federal networks and critical infrastructure. “The Department of Homeland Security (DHS) works with each federal civilian department and agency to promote the adoption of common policies and best practices that are risk-based and able to effectively respond to the pace of ever-changing threats. As systems are protected, alerts can be issued at machine speed when events are detected
In order to effectively implement security governance, the Corporate Governance Task Force (CGTF) recommends that organizations follow an established framework, such as the IDEAL framework from the Carnegie Mellon University Software Engineering Institute. This framework, which is described in the document “Information Security Governance: Call to Action,” defines the responsibilities of (1) the board of directors or trustees, (2) the senior organizational executive (i.e., CEO), (3) executive team members, (4) senior managers, and (5) all employees and users. This important document can be found at the Information Systems Audit and Control Association (ISACA) Web site at www.isaca.org/ContentManagement/ContentDisplay.cfm?ContentID=34997.
This assignment introduces a real-life organization’s security policy and practices. It is carried out for a telecommunications organization in Malaysia, MAXIS. It also includes research on the organization’s ISMS plan, and a further explanation of ISMS follows below. There are 10 steps to implementing a certified ISMS.