Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Does this audit make me look fat?
Thursday - 12/2/2010, 3:09pm EST
Steve Dauber, vice president of cybersecurity firm RedSeal Systems, told the DorobekINSDIER that these audits are helpful but do not differentiate between vulnerabilities and actual risks.
"The crux of the matter is most of those vulnerabilities are probably very low risk," Dauber said.
The challenge in identifying which vulnerabilities are in fact high risk is due to the high number of controls and devices involved in these IT systems, Dauber said.
"The sheer complexity and rate of change of these infrastructures is really overwhelming our human capability of understanding what's going on," he said.
Agencies are turning toward more technologies to mitigate high risks. Dauber said the federal government's next phase is to put into place a system to "translate between vulnerabilities and risks."