Software for Monitoring and Management

Product combines endpoint and security management to help address cybersecurity threats.

As agencies work to meet federal mandates for ensuring that their information systems are secure, many are deploying security solutions that can continuously monitor their systems and mitigate vulnerabilities. IBM’s Tivoli Endpoint Manager software combines endpoint and security management to help address the rapidly increasing number of cybersecurity threats.

Tivoli Endpoint Manager is highly scalable, controlling as many as 250,000 endpoints with a single management server. It allows IT staff to manage physical and virtual endpoints, such as servers and computers, as well as mobile devices, ensuring networkwide awareness of security posture and risk. The software continuously scans systems and enforces security policies, reducing vulnerability management and patching cycles.

The IBM software has been validated by the National Institute of Standards and Technology as conforming to the Security Content Automation Protocol (SCAP). It delivers compliance reporting for a number of federal security and privacy standards, including the Federal Information Security Management Act and the U.S. Government Configuration Baseline.

$12 billion
IT security spending by federal agencies in 2010

SOURCE: “Fiscal Year 2010 Report to Congress on the Implementation of The Federal Information Security Management Act of 2002” (Office of Management and Budget, March 2011)

By the Numbers

41,776

Number of federal security incidents reported in 2010 to the U.S. Computer Emergency Readiness Team

SOURCE: “Fiscal Year 2010 Report to Congress on the Implementation of The Federal Information Security Management Act of 2002”

97%

Percentage of federal IT officials who say they have deployed continuous monitoring for cyberthreats

SOURCE: “FISMA’s Facelift: In the Eye of the Beholder?” (MeriTalk, October 2010)

5

Stages of cyberattack: reconnaissance; targeted attack; compromise and network intrusion; installation of tools and utilities; and malicious endeavors

SOURCE: “Federal Cybersecurity Best Practices Study: Information Security Continuous Monitoring” (Center for Regulatory Effectiveness, October 2011)

17

Number of federal agencies (among 24 investigated) that had weaknesses in their 2010 continuous monitoring efforts

SOURCE: “Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements” (Government Accountability Office, October 2011)

80%

Percentage of cyberattacks that leverage known vulnerabilities and configuration management setting weaknesses

SOURCE: “FISMA 2.0: Continuous Monitoring Case Study Update” (Center for Regulatory Effectiveness, February 2011)

<p>Smit/Veer</p>
Apr 23 2012