Presenter - Mike Wyatt, Deloitte
Information Security Continuous Monitoring (ISCM) requirements for State of Texas governmental entities are identified in the filed version of House Bill 4214 Sec. 2054.137.
ISCM was established for the federal government by National Institute of Standards and Technology (NIST) Special Publication 800-137. The goal of continuous monitoring programs is to increase the maturity of the organization's security posture by moving from "point in time evaluations" to ongoing monitoring of key IT security domains, including hardware asset management, software asset management, configuration management, and vulnerability management, using the principles of effective risk management. In this session we will discuss the components of continuous monitoring programs, provide a sample roadmap, and discuss the rough order of magnitude (ROM) staffing that may be needed for implementation and management of the components of an ISCM program.
Hosted by Office of the Chief Information Security Officer