https://www.nextgov.com/cybersecurity/2018/11/agencies-will-soon-have-cyber-hygiene-scoreand-will-know-where-they-rank/153114/
By Aaron Boyd
Senior Editor
NextGov
November 28, 2018
Soon, federal agencies will have a clear idea of how they are doing on
basic cybersecurity and be able to compare their posture to other agencies
across the government.
The Homeland Security Department's Continuous Diagnostics and Mitigation
program, or CDM, is providing agencies with a sophisticated suite of
cybersecurity tools. As those tools are put in place, the associated
sensors are sending data to a centralized dashboard, giving Homeland
Security and agencies a holistic view of cybersecurity throughout the
federal enterprise.
Now, Homeland Security is using that data to compile cyber scores using an
algorithm called AWARE, which stands for Agency-Wide Adaptive Risk
Enumeration. The algorithm measures the existence of known vulnerabilities
within an agency's systems -- those that have yet to be patched -- and the
baseline configuration settings to give an agency an overall rating on
cyber hygiene.
Kevin Cox, CDM program manager at Homeland Security, likened the AWARE
score to a credit score but in reverse -- a higher number generally
represents a worse cyber posture.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
