Keep your security chin up

NAPLES, Fla. — Agency officials should adopt a positive way of thinking when it comes to addressing system security, according to one expert.

Rather than focus on the countless ways a hacker can get into a system, agency officials should establish a "known good state," or understanding of what processes and applications need to be protected and protect them, said Charles Kolodgy, research director for security products at IDC.

"Let's start thinking positive in the sense that I have 10 things I need to do, so I will focus on those, not the 50 things the bad guys can do," Kolodgy said, speaking today at the Government CIO Summit sponsored by FCW Media Group. "As long as the system is in that state, then I am happy."

The outdated way of thinking was to build a firewall large enough that hackers couldn't get around it and into the system, Kolodgy said. However, the hackers will always find an innovative way to invade systems, so agencies need to move to what he called the positive security model, he said. Although agency officials should still use firewalls and reactive methods, they should also be proactive by assessing the agency's vulnerabilities and managing them, he said.

Information technology department officials who evaluate risk should consider vulnerabilities, the probability they will be exploited and the value of the asset to the organization, Kolodgy said. This will help agencies determine where to focus their resources when securing the systems.

Featured

  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected