news

John DiDuro Makes Presentation at 4th Annual Security Conference

Describes method for helping clients satisfy provisions of the Federal Information Security Management Act of 2002

McLean, Virginia, March 30, 2005—John DiDuro, a program manager in our Software Development and Technology Support group, presented the results of an internally funded technical report, “Delivering Information Assurance: LMI Cybersecurity Method,” at the 4th Annual Security Conference. Paul Jung, David Shepherd, Roxanne Everetts, and Mark Nobles coauthored the report.

After certifying and accrediting several information systems for compliance with the requirements of the Federal Information Security Management Act of 2002, our team of system security specialists recognized the need for federal agencies to increase their security posture. They found that certification and accreditation are not sufficient  to provided the required security from cyber incidents. In response, they developed the LMI Cybersecurity Method, which follows federal guidance in conducting system certifications and accreditations, but it also consists of three additional features:

• LMI ARMUR™ philosophy: Focus on the security professional, stressing the value of effective cybersecurity management, understanding, and perseverance.
• Information security and awareness training support: Competency in information assurance and other aspects of cybersecurity that agencies can leverage into comprehensive training programs.
• LMI 12 steps to cybersecurity™: Security-focused support group to reinforce the good security practices introduced during certification and accreditation, and make them daily activities within the agency.