One criticism of FISMA has been that it is too heavy of the Certification and Accreditation process - i.e. the creation of the audit report and justifying an authorization, and less about actually improving security or being secure in the first place. Whatever the shortcomings, FISMA is a step in the right direction and the Control Frameworks take that one step further. By implementing the NIST Framework or the Frameworks applicable for national security systems (DCID 6/3 and DITSCAP/DIACAP) security is certainly enhanced.
This paper will focus on the NIST Framework and guidance contained in NIST Special Publication 800-53.
One of the areas that the Control Frameworks all universally agree upon is the importance of auditing user activity in your infrastructure as a critical method of improving overall security. User Activity Auditing requires the generation, collection and analysis of audit logs from network devices, systems and applications.
This White Paper introduces EventTracker from Prism Microsystems as a valuable solution to increase security, and as a means to enhance preparedness for FISMA.