How to get started with continuous monitoring

Wednesday - 6/30/2010, 3:15pm EDT


Download mp3

July 1, 2010 -- This week's Federal Security Spotlight features Jerry Davis, the chief information security officer for NASA.

He made headlines recently when he changed how NASA CIOs are to go about meeting their Federal Information Security Management Act (FISMA) reporting.

Turns out, certification and accreditation is not actually required under FISMA, so he is having the NASA components move to a process called accreditation.

He also joins a few other agencies in instituting continuous monitoring of networks, and making sure critical security patches are up to date.