While compliance initiatives, by themselves, may not offer a complete cyber defense strategy considering today’s threat landscape, they offer a level of cyber hygiene necessary to build a strong security posture. The importance and priority of these initiatives were attested to by the attendance at Splunk’s Compliance breakfast seminar headlined by Dr. Ron Ross, NIST Fellow on February 7, 2017 at the Hilton Crystal City in Arlington, VA.
NIST 800-53 and related publications have long been the federal government’s guidance for risk management, as they offer a framework that agencies can adopt based on their needs. The author of this framework, Dr. Ron Ross, kicked off the event with 120+ attendees from federal, state and local agencies and from systems integrators. He spoke to a holistic approach to managing not only security risks but privacy risks as well, and how agencies and industry should prepare to handle them. While stressing the importance of building secure systems from the ground up as smart devices proliferate in our lives and the threat landscape becomes more complex, he also spoke about how NIST is enhancing its guidance to keep up with the changing times and the digitally transforming agency. To this end, NIST is updating its 800-53 framework with a new revision 5, due out at the end of March 2017, which among many important enhancements makes the controls more outcome-based and decouples them from the RMF process.
Dr. Ross also emphasized the need for automation as a key to successful risk management. In fact, agencies revealed in an informal survey that while compliance initiatives are an important stepping stone for security, their primary challenge is lack of automation: manual, ad-hoc, time-intensive and disruptive processes. This was also the theme of the panel members who followed Dr. Ross: Stan Lowe of Booz Allen Hamilton, Chad Bahan from Coalfire/Veris Group, Dan Tudahl of Datapipe Government Solutions and Matt Coose from Qmulos.
Panel members detailed stories of how Splunk could overcome these challenges by automating real-time, granular visibility into compliance state across an organization. Since Splunk can ingest data from any source, it simplifies data collection while delivering capabilities to pinpoint root cause and resolve non-compliant issues quickly. Compliance managers can create dashboards and visuals in minutes and enable self-reporting across various stakeholders, including auditors, based on granular role-based access control, making the process painless.
The day ended with Matt Coose of Qmulos providing detailed demonstrations of how the company’s purpose-built compliance solutions on top of Splunk are driving efficiencies and saving time and money for customers.
For anyone who thinks compliance mandates are more of a checklist exercise, the day offered compelling reasons to the contrary. And with a solution combination like Splunk and Qmulos, there is really no reason for organizations to get failing scorecards.
Until next time...