How to improve federal security

Tuesday - 1/1/2013, 9:35pm EST

Karen Evans & Julie Anderson

Download mp3

January 1, 2013 -- Most federal IT professionals know about agile software development's precept of continuous improvement.

Because of cloud adoption, multitudes of malicious code writers, and an inundation of mobile devices, anyone who manages security has to steal this software development concept of nonstop vigilance.

Karen Evans, partner at KE&T Partners LLC, and Julie Anderson, chief operating officer and managing director for the Civitas Group, join host John Gilroy on today's show to discuss improvements in cyber security.

One focus of the discussion is a recent report from the Center for Strategic & International Studies (CSIC) called "Updating U.S. Federal Cyber Security Policy and Guidance."

During the interview, Evans draws upon her experience in a wide range of federal activities to show how continuous monitoring acts to monitor, measure, and mitigate attacks. She details ways that current authorities can be implemented to reduce risk.

Anderson talks about some of the pioneering work on security done by the State Department and how it can be applied to a wider range of federal agencies.

She suggests that applying some of the recommendations of the CSIS report will assist agencies in addressing the highest risks and prevent wasteful duplication.