Resources

netForensics Security Information Management Solution Helps Federal Agencies Receive A+ on FISMA Scorecard

SIM Helps the Department of Labor and USAID Meet FISMA Regulatory Compliance Directives; Helps USAID Achieve Perfect Score for Second Consecutive Year

Edison, NJ – April 5, 2006 – netForensics, Inc., the pioneer and recognized market leader in Security Information Management (SIM), today announced that two of its customers, the U.S. Department of Labor (DOL) and United States Agency for International Development (USAID), achieved the perfect grade of A+ on the annual Federal Information Security Management Act (FISMA) scorecard issued by the House Government Reform Committee. USAID received an A+ for the second consecutive year ¡V the only agency to accomplish this since scoring began in 2001.

The U.S. Department of Labor Mine Safety and Health Administration (MSHA) and USAID both use the netForensics nFX Open Security Platform (nFX OSP) to help transform security-related information into actionable intelligence. netForensics' technology enables agencies to better respond to security threats, maintain compliant operations, and ensure the continuity of key business processes. MSHA was recognized as a Network World All-Star in the November 21, 2005 for its SIM implementation. (http://www.networkworld.com/allstar/2005/112105-government.html).

"We use nFX OSP to collect and correlate security events from disparate vendor technologies and to provide a single situational awareness picture of what is occurring on our network," said Philip Heneghan, Chief Information Security Officer at USAID. "SIM technology has played a key role in enabling us to detect, resolve, and report security incidents. We are proud to have achieved an A+ for the past two straight years."

The annual scorecard shows how well agencies meet the mandates of FISMA, which sets forth security standards, as well as operational and reporting requirements. Overall, agencies earned an average of D+ for their IT Security efforts, the same grade as last year. Of the 24 agencies that received FISMA grades, only five received an A+.

"We applaud the efforts of USAID, DOL and the other Federal agencies that received perfect scores on their IT security posture in adherence to the FISMA guidelines," said Dale Cline, President of netForensics. "These agencies are role models of security excellence. They have implemented the right technologies, processes and people to ensure their agency's vital assets are protected around the clock."

nFX OSP achieved Common Criteria Evaluation Assurance certification under the National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS). In addition to this certification that ensures the technology can meet Federal government security requirements, nFX OSP has specific benefits to agencies, including:

• Transforming data from disparate network devices, security devices, and applications into actionable intelligence for security operators, analysts, and executives
• Creating an auditable security infrastructure to demonstrate FISMA compliance
• Preventing catastrophic loss by protecting critical assets and identifying attacks sooner
• Enabling analysts to conduct historical or "forensic" analysis when an attack occurs to determine the full extent of an attack
• Reducing the risk baseline
• Increasing the value of existing information security investments
• Improving the effectiveness of security personnel by improving the efficiency of limited human resources and closing knowledge gaps
• Measuring security operations performance against key metrics

About netForensics
netForensics is the leading authority in Security Information Management (SIM) with nearly 400 clients - including Global 1000 enterprises and government organizations operating some of the largest networks in the world. netForensics is the only SIM vendor with an integrated family of enterprise-class products and services that are based on the proven, repeatable nFX information security methodology. This combination empowers security organizations to combat threats more efficiently, while connecting the security organization with network operations, compliance, and risk management. With award-winning technology, netForensics improves security operations performance by extracting real-time intelligence from point security products and applications into a single data repository, flagging the most-critical issues and launching integrated incident resolution and remediation processes. netForensics is headquartered in Edison, NJ with sales offices worldwide. For more information, please call 732.393.6000 or visit www.netforensics.com.

Quick Links