Federal agencies are reportedly feeding data into a special algorithm introduced by the Department of Homeland Security (DHS) in order to assess their cyber posture scores.
This Agency-Wide Adaptive Risk Enumeration (AWARE) algorithm should go into full production by fiscal year 2020, news outlet GCN reported yesterday, citing a public presentation yesterday by DHS Continuous Diagnostics and Mitigation Program Manager Kevin Cox.
Calling it synonymous to a credit score, the AWARE score will allow government agencies to compare their cyber hygiene efforts to other fellow agencies. Scores will incorporate whether agencies have properly patches known vulnerabilities alerts and if they have properly configured their systems, Nextgov states in its own report. Different vulnerabilities will be weighted based on how old and critical they are.
“Eventually what we want to do is get the AWARE score down to the system level,” said Cox, according to Nextgov. “If I am an agency and I have a system connecting out to another agency’s system and I want to make sure that I’m not connecting to a system that’s not properly managed, I could take a look at their AWARE score…”