3213 Duke St #190
Alexandria, VA  22314
Phone 703-828-1196

 
Register Now for this FITSI Training Event!

Event date is Tuesday, December 15th and Wednesday, December 16th, 2015.

Event time is 8:00am to 4:00pm

Event location is Arlington, VA.

Pricing: 
    
     FITSI Member Registration - $450.00
     Public Registration - $550.00

 

FITSI Member registration - click the link below to register:

 

_____________________________
 

Public registration - click the link below to register:

 

_____________________________
 

Join FITSI - If you want to get the FITSI member pricing you can join the Federal IT Security Institute first, for only $45/year.

Questions?  Please contact Ms. Alana McCullough at:  training(@)fitsi.org..
 

 

 
 

Site Links

About Us
Account Login
Certification Verification
Chapters
Contact Us
Courseware
Documents
Donations
Events
Exam Information
FITSI Foundation
FITSP Overview
Government Adoption
Join
Members
Press
Site Map
Store
Training

 

 

Special Seminar: Continuous Monitoring for Federal Information Systems

Overview   

Information security is a dynamic process that must be effectively and proactively managed for an organization to identify and respond to new vulnerabilities, evolving threats, and an organizationís constantly changing enterprise architecture and operational environment.

This 2-day seminar focuses on NIST emerging guidance for establishing and implementing a continuous monitoring program for FISMA compliance. This seminar will follow the outline of the NIST Special Publication SP 800-137: Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations. The purpose of 800-137 specifically addresses assessment and analysis of security control effectiveness and of organizational security status in accordance with organizational risk tolerance.

Learning objectives encompass understanding the 6-step ISCM process, with a strong focus on tools and technologies that leverage the strategies, policies, and roles and responsibilities of the overall ISCM program, which can assist organizations in their efforts to automate the implementation, assessment, and monitoring of many NIST SP 800-53 security controls.

Organizations can follow reference architecture, such as NIST CAESARS Framework Extension, or even the DHS Continuous Diagnostics and Mitigation program to implement ISCM technologies. The CAESARS report provides reference architecture, based on security automation standards that guide organizations in deploying enterprise CM implementations.

Seminar attendees will hear and discuss a variety of tools available that an organization can use to efficiently and effectively gather, aggregate, analyze, and report data ranging from continuously monitoring the security status of its enterprise architecture and operating environment, down to components of individual information systems.

FITSI is hosting a special seminar on Continuous Monitoring for Federal Information Systems in Arlington, VA November 16-17, 2015.

Agenda
Day 1

1.  Continuous Monitoring and its impact on the Evolution of Risk Management (SP 800-137)
2.  Developing and Documenting a Continuous Monitoring Program       

    a. Organization-Wide View ISCM (SP 800-137)

    b. Ongoing System Authorizations (SP 800-137)

    c. Role of Automation in ISCM (SP 800-137)

    d. ISCM Roles and Responsibilities (SP 800-137)
3.  The Process

    a. Define ISCM Strategy (SP 800-137)

    b. Establish an ISCM Program (SP 800-137)

    c. Implement an ISCM Program (SP 800-137)

    d. Analyze Data and Report Findings (SP 800-137)

    e. Respond to Findings (SP 800-137)

    f. Review and Update the Monitoring Program and Strategy (SP 800-137)
4.  Enterprise Architecture View for Continuous Monitoring (SP 800-137)

 

Day 2


5.  Overview of the CAESARS Reference Architecture (NIST IR 7756)

    a. Sensor Subsystem

    b. Database Subsystem

    c. Analysis/Risk Scoring Subsystem

    d. Presentation/Reporting Subsystem

6. Understanding the DHS Continuous Monitoring and Diagnostics Program

7. SCAP Overview

    a. The Motivation for Creating SCAP

    b. The Definition of SCAP

    c. NIST SCAP Product Validation and Laboratory Accreditation Programs

8. Recommendations for Common Uses of SCAP

    a. Security Configuration Verification

    b. Requirements Traceability

    c. Standardized Security Enumerations

    d. Vulnerability Measurement

    e. Security Data Analytics

    f. Details on Using SCAP for FISMA Compliance

9. Course Wrap-up

Audience

IT auditors and security specialists assigned to implement or assess the information security continuous monitoring program for Federal agencies.

Prerequisites and Advanced Preparation

Candidates should be familiar with OMB Directives and NIST publications for information security.

Class size: 35

Vendor/Instructor profile - Jim Wiggins

Jim possesses over 17 years of direct experience in the design, operation, management, and auditing of information technology systems, with the past 13 years focused on information systems security. He has an extensive background in technical education and specializes in security certification courses targeted at federal and government contracting clients.

Additionally, Jim is the executive director of the Federal IT Security Institute (FITSI). FITSI is a 501(c)(6), non-profit organization that provides a role-based IT security certification program targeted at the federal workforce. Jim is also the executive director of the FITSI Foundation which is a 501(c)(3) public charity that is running the Wounded Warrior Cyber Combat Academy (W2CCA).

Jim was named "Educator of the Year" in 2011 by the Federal Information Systems Security Educators' Association (FISSEA) for the impact he is making in the federal workforce. He holds the following IA/IT security certifications: CISSP,ISSEP, CISM, CISA, SCNA, SCNP, CAP, IAM, IEM, SSCP, CEH, ECSA, CHFI, LPT, TICSA, CIWSA, Security+, and MCSE: Security and FITSP-M.

When
     Tuesday and Wednesday, December 15-16, 2015, 8:00 a.m. to 4:00 p.m.

Where
    
George Mason University
     Arlington Campus Founders Hall
     3351 North Fairfax Drive
     Room:  475
     Arlington, VA 22201

     Facility information and/or closing due to inclement weather please call:
     (703) 993-8140 or (703) 993-8999 or check the GMU website at: http://www.gmu.edu/
     (The campus is located within walking distance to the Virginia Square Metro stop on Fairfax Drive.
    Arlington Campus map: http://info.gmu.edu/Maps/ArlingtonMap14.pdf

It is recommended that you take the Metro Orange line to the Virginia Square stop.  If driving, please plan to start early to avoid traffic congestion.  Check out the Web site for directions.

Continuing Education Units
    14

Parking           
    Parking for GMU Founders Hall is available at the parking garage on Kirkwood Road (near intersection of Kirkwood Rd and Washington Blvd). There is a sign for the garage. The cost is $3/hr or $15/day.

Meals
    Attendees will receive a Cosi gift card for meals for both days of the class.

Cost
    FITSI Members:  $450
    All Others:  $550

Registration
    FITSI Members

    Public Registrations