via Federal Computer Week
Clouds present other security challenges. They can be more dynamic and complex than traditional IT environments because services are constantly turned on and off to meet changing user needs, and workloads are shifted across the infrastructure to optimize the use of processing and storage resources.
DOD wants to automate many of those activities to remove the human element from the systems administration tasks as much as possible.”Automation is the only way to do some of these things fast enough and without the vulnerabilities introduced by human error,” Hale said.
To that end, DOD’s cyber experts are turning to the Security Content Automation Protocol (SCAP), a standard developed by the National Institute of Standards and Technology to enable automated vulnerability management and measurement and policy compliance evaluation.
Full article here.