CorreLog releases four-page executive summary along with thought-leading whitepaper simplifying NIST guidelines for FISMA compliance relative to z/OS, outlining best practices for a complete, cross-platform data security and compliance strategy.
Naples, FL, June 29, 2017 – CorreLog, the leader in multi-platform IT security event log management, today announced the issuance of its simplified guidelines for organizations tasked with protecting U.S. Government data in accordance with FISMA (Federal Information Security Management Act). Since the beginning of the 20th century, the National Institute of Standards and Technology, or NIST, has been responsible for supplying Government, Industry, and Academia with documentation that today includes the minimum information systems security requirements for FISMA compliance.
CorreLog’s condensed guidelines are the culmination of pouring through thousands of pages of Standard Reference Materials (SRMs) to identify the NIST Special Publications (SPs) and Federal Information Processing Standards (FIPS) Publications that federal agencies, contractors, and other covered organizations must follow to mitigate Government data risk. All U.S. Government data must be protected according to these standards to avoid the risk of fines, settlements, and/or loss of federal funding, and the mainframes supporting many federal agencies and large government contractors must be included in this pursuit.
“The idea of mainframe vulnerability is gaining traction, yet many IT security strategies exclude this asset from their daily compliance efforts,” said George Faucher, founder and CEO of CorreLog. “NIST and FIPS publications prescribe a cyber-security framework that is crucial to the protection of sensitive government data residing within mainframes, but at thousands of pages, CXOs are understandably overwhelmed. Our executive summary and whitepaper simplify these standards to help organizations reinforce initiatives to improve their FISMA compliance with their mainframes.”
Executive Summary: “Introduction to FISMA Compliance with CorreLog Mainframe SIEM Solutions”
CorreLog has distilled the vast body of NIST and FIPS SRMs into a four-page executive summary for CXOs seeking to better understand FISMA compliance. In this executive summary, CXOs will find:
- An introduction to FISMA and NIST
- An overview of the NIST and FIPS SRMs pertaining to FISMA compliance on z/OS
- Examples detailing how to maintain FISMA compliance by connecting z/OS to organizations’ distributed SIEM (Security Information and Event Management) systems
Click here to download CorreLog’s Introduction to FISMA Executive Summary.
Whitepaper: “FISMA Compliance with CorreLog Mainframe SIEM Solutions”
For a deeper dive into FISMA, CorreLog has made a whitepaper available revealing the most appropriate SRMs for mainframe security and compliance in detail, with simplified guidelines for mainframe inclusion in SIEM strategies for FISMA compliance. The paper titled “FISMA Compliance with CorreLog Mainframe SIEM Solutions” includes:
- The origins of FISMA and NIST
- The role NIST Special Publications and FIPS publications play with FISMA compliance
- A boiled-down summary for the most appropriate NIST and FIPS SRMs, and the tools available to connect z/OS to organizations’ existing SIEM systems for complete, cross-platform FISMA compliance
CorreLog has designed agent-based solutions to collect and forward z/OS events to organizations’ existing distributed SIEMs for real-time security visibility, including audit trails for compliance with FISMA and other data security standards. These solutions monitor z/OS events with little impact to systems resources, and roll-up all FISMA-covered z/OS events and audit trails into a single IT Security Operations Center (SOC) via distributed SIEM.
For more information about these solutions as they pertain to FISMA compliance, download CorreLog’s FISMA compliance datasheet here.
CorreLog, Inc., a privately held corporation, is an independent software vendor (ISV) that has produced software and framework components used successfully by hundreds of private and government organizations worldwide. Our core solutions provide visibility across both mainframe and distributed systems on user activity that is indicative of cyber threat. Since 2008, CorreLog, Inc. has been committed to delivering better decision-support solutions for InfoSec and security auditing professionals who need more advanced perimeter security and improved adherence to PCI DSS, HIPAA, SOX, IRS Pub. 1075, FISMA, NERC, GDPR, and other industry standards for securing data. Our solutions are designed to be highly interoperable and complementary to clients’ existing IT investments.
CorreLog zDefender™ holds certified integrations with IBM, McAfee, Micro Focus, RSA Security Analytics (EMC), and field integrations with all other brand-name SIEMs. We consider our technology approach to be unique in both personnel and product and we believe our solutions pass the test of low total cost of ownership with high SIEM functionality. For more information on CorreLog products, please visit www.CorreLog.com.
Copyright © 2017, CorreLog, Inc. All rights reserved.
All trademarks and registered trademarks used herein are the properties of their respective owners.
Tony Perri, CorreLog Marketing & PR
Office: (239) 514-3331, xt. 406