WASHINGTON, Oct. 30, 2012 /PRNewswire-USNewswire/ -- The Centers for Medicare & Medicaid Services (CMS) has won a 2012 U.S. National Cybersecurity Innovation Award for using continuous automated monitoring to protect confidential citizen health data against theft and alteration.
CMS manage nearly 200 data centers, processing claims and payments with a value of over $800 billion each year for medical services rendered to over 100 million program beneficiaries and recipients. The vast majority of CMS confidential citizen data are stored and administered by a complicated network of 38 contractors across nearly 200 sites, obliging CMS to educate, train, and guide each of these contractors to produce and make effective use of cybersecurity information.
CMS designed a process to leverage the data collected internally, creating an agency-wide, proactive risk-reduction program to continuously improve security across their network of contractors and data centers. CMS also developed and implemented a system that ingests data collected from sites, prioritizes the findings, and then creates easily interpreted reports to help system owners take the highest value mitigation steps required to rapidly and efficiently remediate the most serious cyber security weaknesses.
To effectively reduce risk across the widely distributed network of sites, CMS first developed a process to assess the relative security of each datacenter and normalized these security scores across the variety of security tools providing the feeds. The resulting product is a single, cohesive, apples-to-apples scoring solution that pinpoints critical risks, provides remediation information, and creates visibility in a manner that drives rapid remediation responses. CMS demonstrated initial success with this system in 2010 by developing a vulner
|SOURCE SANS Institute|
Copyright©2012 PR Newswire.
All rights reserved