Changes

Cybersecurity and Infrastructure Security Agency (view source)

Revision as of 14:37, 27 July 2021

1,422 bytes added , 3 years ago

no edit summary

Line 33: Line 33:

==NRMC==

The National Risk Management Center (NRMC), which is housed within the CISA, is a center for planning, analysis, and collaboration toward identifying, prioritizing, and addressing risks to critical infrastructure. The Assistant Director of the NRMC is [[Bob Kolasky]].

+

==Continuous Diagnostics and Mitigation==

+

[[Tommy Doyle]], the CISA Associate Chief of Security Operations, runs the CDM Program and its privileged access management (PAM) tool. CISA has deployed PAM to 30 information systems with the aim of transitioning to a cohesive enterprise-wide approach. PAM offers:

+

# secure access for elevated rights,

+

# monitors and records all access continuously, and

+

# runs threat analysis to prevent unauthorized access of systems, by examining patterns of how users access

+

systems and alerting managers if a request falls outside of a user's usual time or place.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>

+

''VENOM''

+

VENOM is CISA's PAM-enabled cloud network enclave, which was built from scratch as opposed to adding it as a tool to a legacy network. In summer 2020, VENOM's design, documentation, naming conventions, and account standards were developed and it received authorization to connect to other systems. In fall 2020, penetration

+

tests were conducted and all attempts failed. In January 2021, VENOM was authorized to operate.

+

However, this approach required new user accounts, removing old systems and accounts, and building trust among users.<ref>[https://www.cisa.gov/sites/default/files/publications/CDM%20Success%20Story-CISA%20PAM%20Tool%20.pdf PAM success story, CISA]</ref>

==Critical Infrastructure==

Jessica

Bureaucrats, Check users, lookupuser, Administrators, translator

14,952

edits