Keep your security chin up

NAPLES, Fla. — Agency officials should adopt a positive way of thinking when it comes to addressing system security, according to one expert.

Rather than focus on the countless ways a hacker can get into a system, agency officials should establish a "known good state," or understanding of what processes and applications need to be protected and protect them, said Charles Kolodgy, research director for security products at IDC.

"Let's start thinking positive in the sense that I have 10 things I need to do, so I will focus on those, not the 50 things the bad guys can do," Kolodgy said, speaking today at the Government CIO Summit sponsored by FCW Media Group. "As long as the system is in that state, then I am happy."

The outdated way of thinking was to build a firewall large enough that hackers couldn't get around it and into the system, Kolodgy said. However, the hackers will always find an innovative way to invade systems, so agencies need to move to what he called the positive security model, he said. Although agency officials should still use firewalls and reactive methods, they should also be proactive by assessing the agency's vulnerabilities and managing them, he said.

Information technology department officials who evaluate risk should consider vulnerabilities, the probability they will be exploited and the value of the asset to the organization, Kolodgy said. This will help agencies determine where to focus their resources when securing the systems.

Featured

  • Cybersecurity
    Boy looks under voting booth at Ventura Polling Station for California primary Ventura County, California. Joseph Sohm / Shutterstock.com

    FBI breach notice rules lauded by states, but some want more

    A recent policy change by the FBI would notify states when their local election systems are hacked, but some state officials and lawmakers want the feds to inform a broader range of stakeholders in the election ecosystem.

  • paths (cybrain/Shutterstock.com)

    Does strategic planning help organizations?

    Steve Kelman notes growing support for strategic planning efforts -- and the steps agencies take to keep those plans relevant.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.