From: FCW
By Mark Rockwell
***
The report also said HHS operating divisions did not consistently review, remediate or address risks from vulnerabilities found in configuration baseline compliance and vulnerability scans done through Security Content Automation Protocol tools.
Auditors found that three divisions were fielding IT systems with expired authority to operate certificates. More generally, the report found that all operating divisions need to do a better job of making sure hardware and software inventories are up to date.
Leave a Reply