The White House has issued a new cyber security policy that points toward continuous monitoring and patching and more effective cyber security spending, according to InformationWeek.
The guidance takes a “three-tiered approach” to FISMA:
- Near real-time reporting of of cyber security data feeds directly from agency security and management tools to the recently implemented Cyberscope security reporting tool operated by the Department of Homeland Security.
- Government-wide benchmarking on agencies’ security postures.
- Agency-specific interviews to help ascertain the needs and proper metrics for individual agencies.