Department of Energy Continuous Monitoring of Controls with Trustwave
The Department of Energy implemented Trustwave’s Security Information and Event Management Operations Edition (SIEM OE) to automate continuous monitoring of controls determined to be essential to maintain a secure risk posture.
The mission of the Department of Energy is to advance the national, economic and energy security of the United States, as well as to promote scientific and technological innovation and ensure the environmental cleanup of the
national nuclear weapons complex. Security plays a critical role in achieving the mission.
One strategic goal is scientific discovery and innovation to make the U.S. more competitive and to improve our quality of life. This case study explains how one DOE research facility is able to provide a secure campus for 4,500
employees. Many of these employees are scientists that perform valuable research that involves collaboration with scientists from all over the world.
Not surprising is the fact that one challenge for this facility is allowing legitimate traffic from countries that ofter appear on dangerous watch lists. The security team at this DOE facility regularly receives questions and objections from scientists who perceive security controls for workstations are impacting their freedom to collaborate. Managing perceptions like this requires continuous education of the on-campus population and requires the security team have a real understanding of the scientific process in order to balance the level of control required to maintain a secure risk posture against the potential benefits of fewer controls.