From: Network World
GAO: The loss of high impact” systems could cause individuals, the government, or the nation catastrophic harm
***
An underlying reason for these weaknesses is that the agencies had not fully implemented elements of their information security programs. For example, security plans did not always address controls specific to high-impact systems, those with significant security responsibilities did not always complete specialized training, systems ‘assessments were not comprehensive, and continuous monitoring strategies were incomplete.”
***
The Office of Management and Budget (OMB) is developing plans for shared services and practices for federal security operations centers but has not issued them yet. In addition, agencies reported that they are in the process of implementing various federal initiatives, such as tools to diagnose and mitigate intrusions on a continuous basis and stronger controls over access to agency networks.
Leave a Reply