Enterprise Continuous Monitoring for NIST 800-137

Problem Statement

Blackspoke’s customer invested in multiple siloed security platforms and technologies, resulting in a lack of centralized visibility into NIST SP 800-137 security controls that require continuous monitoring and reporting. The increase in manpower to track risk measures across these disparate systems led to the customer requesting a data-driven solution to enrich reporting and achieve continuous monitoring goals.

Blackspoke Solution

As a prime contractor Blackspoke employed the Corporate Analytical Visualization Environment’s (CAVE) data warehouse to ingest cyber vulnerability, host-based protection, security compliance scanning, and asset management system data sets from over 17 different systems across five classifications. Using Data Vault 2.0 methodologies to normalize and create relational links across all security domains, we partnered with the customer to identify scoring and weighting parameters to assess risk for all controls. The Blackspoke solution used an Enterprise supported web platform along with custom JavaScript, HTML, Tableau, and Highcharts to visualize data from each security domain, the interrelationships across domains, and single-pane-of-glass trend dashboard for Unclassified, Secret, Top Secret network assets.

Customer Results

The Blackspoke Galaxy solution enabled the Agency to meet the NIST 800-137 requirement with in-house dashboarding and data ingest tools rather than purchasing expensive COTS products that most Intelligence customers use saving well over $1 million per year. The increased visibility directly supported increasing agency asset CMDB registration from 14% to 40% allowing them to reduce risk and raise their FISMA compliance level from 1 to 2.