VA has new security program

Department of Veterans Affairs

Related Links

The Department of Veterans Affairs started a proactive vulnerability management program to provide improved cybersecurity at more than 250 facilities nationwide.

Hercules, an automated vulnerability remediation solution offered by Citadel Security Software Inc., is a critical component in a strategy that includes Harris Corp.'s Security Threat Avoidance Technology (STAT) Scanner program as well as a hardware platform provided by Hewlett-Packard Co.

The STAT Scanner probes the network and identifies possible vulnerabilities. Hercules has vulnerability assessment tools for a wide variety of platforms and allows VA personnel to review data from multiple sources before deploying a vulnerability fix.

The arrangement covers 235,000 workstations and servers in the department's network.

VA system administrators can deploy customized solutions for software defects, misconfigurations, unsecured user accounts, unnecessary services and backdoors.

The new strategy will provide more frequent security assessments, reducing risks and ensuring compliance with privacy regulations and internal security standards, officials said. Potential vulnerabilities can more easily be identified and reported to the VA's central incident response center for centralized management.

In addition, the new service will allow individual facilities to quickly respond to security bulletins released by the response center.

Steve Solomon, president and chief executive officer of Citadel, labeled the VA as a government agency "on the cutting edge of technology and security." He said the VA "is demonstrating its commitment to protecting its critical infrastructure by consistently maintaining the best security protection available and setting forth a road map for other agencies to adopt the most comprehensive, effective identification and resolution of vulnerabilities."

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.