Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.

x
/

Army Looks to Consolidate Security Controls for ‘Project Sentinel’ Risk Mgmt Effort

1 min read
Cyber-warfare specialists serving with the 175th Cyberspace Operations Group of the Maryland Air National Guard engage in weekend training at Warfield Air National Guard Base, Middle River, Md., Jun. 3, 2017. (U.S. Air Force photo by J.M. Eddins Jr.)

The U.S. Army has begun the first phase of a reform effort focused on implementing a risk management framework for assessing the cybersecurity of weapons and information technology systems, Federal News Network reported Friday.

The three-phase Project Sentinel seeks to incorporate the National Institute of Standards and Technology-developed RMF throughout a multiyear period. Phase one involves implementing security controls for individual systems, while the second increment revolves around establishing prioritized controls.

The Army aims to create an RMF working group that will consolidate security controls and reduce the amount from 1,900 to somewhere between 200 and 300 by April.

“It’s not about just reducing the controls that we’re really looking at, it’s identifying the right controls based on what we need,” said Nancy Kreidler, director of cybersecurity and information assurance under the Army CIO’s office. “One of the things that I want to ensure is that when we reduce this control set, it is the right controls and we can hold people accountable.”

Phase three of Project Sentinel is aimed at revising NIST security controls to make them clearer for assessors as well as other stakeholders.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Press Releases