Organizations can quickly establish and orchestrate cyber risk management and self-assessment activities enterprise-wide
Washington, DC – July 24, 2018 – Telos® Corporation, a leading provider of continuous IT security solutions and services for the world’s most security-conscious organizations, today announced a new application for its Xacta® 360 cyber risk management platform that streamlines execution of the NIST Cybersecurity Framework (CSF) and automates associated reporting.
“Organizations around the world are gaining much greater awareness of their cyber risk posture by implementing the CSF,” said Rick Tracy, Telos chief security officer and co-inventor of Xacta. “By automating data gathering and reporting, Xacta 360 greatly reduces time to deploy a CSF-based cyber risk management program, helps ensure accuracy and completeness of self-assessment activities, and allows for greater awareness of cyber risk objectives and outcomes.”
This new cyber risk management application for Xacta 360 accounts for all elements of the CSF – core, implementation tiers, current and target profiles, and gaps – and steps the organization through the seven-step gap assessment process.
“The beauty of the CSF,” Tracy continued, “has always been its ability to organize cyber risk information in a way that is understood from the server room to the boardroom. Xacta 360 now automates the packaging and presentation of cyber risk objectives and gaps for prioritization and action.”
In 2013, President Barack Obama issued an executive order requiring the National Institute of Standards and Technology (NIST) to develop the CSF to secure systems associated with critical infrastructure. Originally intended for use by organizations operating within the sixteen sectors designated critical infrastructure by Department of Homeland Security, many other industries and approximately twenty nations have embraced the CSF standard. By executive order in May 2017, President Donald Trump also called for its mandatory use by agencies of the U.S. federal government.
Telos has mapped other security requirements and control frameworks to the CSF core, including NIST Special Publication 800-171 for protecting controlled unclassified information, NIST SP 800-161 for supply chain security, and the European Union’s General Data Protection Regulation (GDPR), allowing organizations to leverage the benefits of the CSF for various self-assessment requirements. The application can also support self-assessments for ISO 27001 and NIST SP 800-53, if desired.
Xacta 360 auto-generates standard NIST documentation such as system security plans (SSP) and plans of action and milestones (POA&M), as well as compliance score cards for supported regulations and frameworks. Custom documentation can also be defined and generated by the user with minimal effort.
A platform agnostic solution, Xacta 360 streamlines compliance for systems operating in any environment – on-premises, in the cloud or hybrid. For systems hosted by Amazon Web Services (AWS), Xacta 360 can scan the accounts and services being used to establish an inventory and monitor these resources to ensure continuous compliance of those inventories and configurations. Combined with Xacta Continuum®, Xacta 360 can ingest on-premises asset data for inventory and continuous monitoring.
Whether or not an organization is required to gain authorization to operate, Xacta 360 is an effective solution to manage cyber risk. The new CSF application helps users orchestrate a robust enterprise cyber risk and compliance management process.
In 2000, Telos revolutionized certification and accreditation with the release of Xacta Web C&A to automate labor-intensive manual tasks. Ongoing research and development over the coming years resulted in the 2014 release of Xacta Continuum for continuous monitoring and Xacta Compliance Campaign Manager in 2015 to address manual procedural controls. In June 2017, Telos launched Xacta 360 to streamline security compliance and empower a 360-degree view of the threat landscape and deliver powerful new capabilities that help enterprises cut the time needed to develop the body of evidence necessary to assure compliance with rigorous security standards. Xacta 360 offers specialized applications for the NIST Risk Management Framework, (RMF) and the Federal Risk and Authorization Management Program (FedRAMP) as well as the CSF. Telos recently announced the upcoming release of Xacta.io, which represents the next generation of cyber risk management.
About Telos Corporation
Telos Corporation empowers and protects the world’s most security-conscious organizations with solutions and services for continuous security assurance of individuals, systems and information. Telos’ offerings include cybersecurity solutions and services for IT risk management and information security; secure mobility to protect globally connected organizations; and identity management to establish trust in personnel and continuously monitor for insider threats. The company serves military, intelligence and civilian agencies of the federal government, allied nations and commercial organizations around the world. In 2017, Telos was recognized as a leading cybersecurity company, evidenced by a top 25 ranking on the global Cybersecurity 500 list. The company is also a 2017 recipient of the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Security Service (DSS), awarded to less than .03% of eligible organizations. For more information, visit www.telos.com and follow us on Twitter @TelosNews.
Merritt Group (for Telos)