John Streufert: Well, Jim, I’d like to narrow it down to just one…
JIm Flyzik: Okay.
John Streufert: But I’m pleased to report to you that at this juncture, the focus of our program is protecting networks and civilian government. We now have more than 96% of [00:00:14] signed up. That’s 124 discreet segments. And I’m very happy to tell you that we’re covering all 23—the 23 CFO Act reporting agencies. So our coverage is excellent and within the next 20 weeks, we should be starting off providing basic services and continuous monitoring censors to all of the people I’ve just named under a task order competition. Jim, I think you’re actually…couldn’t be closer to the real cracks of the problem. The kind of incidence that we’re seeing in the government sector particularly at the federal level are warily restricted to a particular business unit—a thread of one kind that shows up in a part of government almost inevitably [00:01:00] other directions.
So the Office of Management and Budget put out its instruction – Memorandum 14-03, that asked us to look at the needs of the government from the point of view of continuous monitoring holistically. They had some stepping stones that were put in place a couple of years ago with CyberScope; and the early stages of that gathered up some of the process in compliance approaches that were early in the Federal Information Security Management Act; but from the very beginning, the federal CIO [00:01:38] at the time, envisioned a future point at which automated data feeds could substitute for some of the qualitative assessments that the departments and agencies were doing. So our conversations now which include the Department of Defense…
JIm Flyzik: Right.
John Streufert: And the Committee on National Security Systems look forward to a day when data collection at the endpoint level where specific risks, previously known flaws, could be gathered up and then trend information can be assembled at the federal level that we can show in a dashboard and eventually incorporate into the summaries that OMB now sponsors and across agency priorities. And as it turns out, continuous monitoring is one of those 3 that are active of attention. So though we have different title authorities under the code of federal regulations…
JIm Flyzik: Right.
John Streufert: And statute, we see that collectively we want to get that information to where it can become actionable; that’s probably a specific repair on the local level but if we can get an enterprise view of where our most serious problems are, we can reposition as necessary to shore up the defenses.
JIm Flyzik: Yeah, terrific.
[END OF AUDIO 00:02:58]
…Read more
Less…