Does this audit make me look fat?

Steve Dauber, vice president of RedSeal Systems, discusses what you need to do to make sure your 'dirty laundry' isn't aired when your agency is audited.

It’s that time of the year for audits under the Federal Information Security Management Act (FISMA). But will your audit make your agency appear bloated with risks?

Steve Dauber, vice president of cybersecurity firm RedSeal Systems, told the DorobekINSIDER that these audits are helpful but do not differentiate between vulnerabilities and actual risks.

“The crux of the matter is most of those vulnerabilities are probably very low risk,” Dauber said.

Identifying which vulnerabilities are in fact high risk is a challenge because of the high number of controls and devices involved in these IT systems, Dauber said.

“The sheer complexity and rate of change of these infrastructures is really overwhelming our human capability of understanding what’s going on,” he said.

Agencies are turning toward more technologies to mitigate high risks. Dauber said the federal government’s next phase is to put into place a system to “translate between vulnerabilities and risks.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
