What’s important to note about the MONITOR step within the NIST RMF for DoD Contractors?
Arlington Security Portal
Per NIST, continuous monitoring programs allow an organization to maintain the authorization of a system over time in a highly dynamic operating environment, where systems adapt to changing threats, vulnerabilities, technologies, and mission and business processes. NIST SP 800-137 defines information security continuous monitoring (ISCM) as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions.
Moreover, any effort or process intended to support ongoing monitoring of information security across an organization begins with leadership defining a comprehensive ISCM strategy encompassing technology, processes, procedures, operating environments, and people.
Many of today’s federal compliance mandates, such as FISMA, FedRAMP, eMASS, and others, require organizations to implement continuous monitoring (ConMon) programs for their environments. Per NIST, a well-defined and well-executed ConMon program should be built on the following measures:
- Define an ISCM strategy based on risk tolerance that maintains clear visibility into assets, awareness of vulnerabilities, up-to-date threat information, and mission/business impacts.
- Establish an ISCM program determining metrics, status monitoring frequencies, control assessment frequencies, and an ISCM technical architecture.
- Implement an ISCM program and collect the security-related information required for metrics, assessments, and reporting. Automate collection, analysis, and reporting of data where possible.
- Analyze the data collected and Report findings, determining the appropriate response. It may be necessary to collect additional information to clarify or supplement existing monitoring data.
- Respond to findings with technical, management, and operational mitigating activities or acceptance, transference/sharing, or avoidance/rejection.
- Review and Update the monitoring program, adjusting the ISCM strategy and maturing measurement capabilities to increase visibility into assets and awareness of vulnerabilities, further enable data-driven control of the security of an organization’s information infrastructure, and increase organizational resilience.
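As an added illustration (not part of the original page, and not a NIST or Arlington artifact) of how the Establish, Implement, Analyze/Report and Respond steps above become something automatable: the script below takes a constructed inventory of SP 800-53 controls with hypothetical assessment frequencies, plus a few hypothetical findings with remediation windows chosen to reflect an organization's risk tolerance, and produces the kind of metrics an ISCM status report would carry. The control identifiers are real SP 800-53 controls, but the frequencies, SLA windows, asset names and dates are assumptions made for the example.

```python
"""
ISCM metric engine (illustrative example, not NIST's or Arlington's code).

Demonstrates NIST SP 800-137's Establish/Implement/Analyze/Respond steps on
a constructed inventory: control assessment frequencies, a per-severity
remediation window derived from risk tolerance, and an automated report.
All frequencies, windows, asset names and dates are hypothetical.
"""
from dataclasses import dataclass
from datetime import date
from typing import List, Optional, Tuple


@dataclass
class Control:
    control_id: str          # NIST SP 800-53 control identifier
    assess_every_days: int   # control assessment frequency set by the ISCM program (assumed)
    last_assessed: date


@dataclass
class Finding:
    asset: str
    severity: str            # "critical" | "high" | "moderate" | "low"
    discovered: date
    remediated: Optional[date] = None


# Hypothetical remediation windows (days) expressing the organization's risk tolerance.
REMEDIATION_SLA_DAYS = {"critical": 15, "high": 30, "moderate": 90, "low": 180}


def overdue_controls(controls: List[Control], today: date) -> List[str]:
    """Controls whose assessment frequency has lapsed as of `today` (Implement step metric)."""
    return [c.control_id for c in controls
            if (today - c.last_assessed).days > c.assess_every_days]


def breached_findings(findings: List[Finding], today: date) -> List[Tuple[str, str, int]]:
    """Open findings whose age exceeds the remediation window for their severity."""
    breached = []
    for f in findings:
        if f.remediated is not None:
            continue                      # closed findings do not count against the SLA
        age = (today - f.discovered).days
        if age > REMEDIATION_SLA_DAYS[f.severity]:
            breached.append((f.asset, f.severity, age))
    return breached


def iscm_report(controls: List[Control], findings: List[Finding], today: date) -> dict:
    """Analyze/Report step: metrics a risk executive can act on, plus a Respond trigger."""
    overdue = overdue_controls(controls, today)
    breached = breached_findings(findings, today)
    open_findings = [f for f in findings if f.remediated is None]
    return {
        "controls_total": len(controls),
        "controls_overdue": overdue,
        "pct_controls_current": round(100 * (1 - len(overdue) / len(controls)), 1),
        "open_findings": len(open_findings),
        "sla_breaches": breached,
        # Respond step: a breached critical/high finding is escalated for a mitigation
        # decision; everything else stays in the normal remediation queue.
        "escalate": any(sev in ("critical", "high") for _, sev, _ in breached),
    }


# Constructed sample data (all values hypothetical).
TODAY = date(2024, 6, 1)
CONTROLS = [
    Control("AC-2", 30, date(2024, 5, 20)),   # account management, monthly: current
    Control("SI-4", 7, date(2024, 5, 10)),    # system monitoring, weekly: overdue
    Control("CM-8", 90, date(2024, 1, 15)),   # component inventory, quarterly: overdue
    Control("RA-5", 30, date(2024, 5, 15)),   # vulnerability scanning, monthly: current
]
FINDINGS = [
    Finding("web-01", "critical", date(2024, 5, 10)),                    # 22 days old: breach
    Finding("db-02", "high", date(2024, 5, 20)),                         # 12 days old: within SLA
    Finding("file-03", "moderate", date(2024, 2, 1), date(2024, 3, 1)),  # remediated: ignored
    Finding("vpn-04", "low", date(2023, 11, 1)),                         # 213 days old: breach
]

if __name__ == "__main__":
    for key, value in iscm_report(CONTROLS, FINDINGS, TODAY).items():
        print(f"{key}: {value}")
```

The point of the design is that the frequencies and SLA windows live in data, not in code: when the Review and Update step tightens the risk tolerance (for example, shortening the critical window), only the `REMEDIATION_SLA_DAYS` table or a control's `assess_every_days` changes, and the same report logic produces the new status.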
Trusted Providers for NIST RMF Continuous Monitoring Program Development
Arlington offers the following information security continuous monitoring (ISCM) services and solutions to help federal contractors design and implement industry-leading continuous monitoring (ConMon) programs:
- Ready-to-Use ConMon Program Toolkit for download, based on NIST SP 800-53 controls
- Customized ConMon Program Development, Implementation, and Testing
- ConMon as a Service (CMaaS)