“A new Transportation Department chief information officer policy for prioritizing the remediation of cybersecurity vulnerabilities wrongly incentivizes staff to resolve low-priority weaknesses before high-priority weaknesses, says the DOT inspector general.
In an annual audit of departmental cybersecurity released Nov. 15, Transportation auditors say DOT computers ‘remain vulnerable to predators.’ Auditors cite a whole list of cybersecurity problems, including the fact that in September 2010, the CIO implemented a new plan of action and milestones policy for the prioritization of vulnerability fixing.”
(Source: DOT auditors fault CIO cybersecurity hole prioritization policy – FierceGovernmentIT)
Follow Us!