Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

The Pentagon Doesn't Know All the Software on Its Networks -- And That's a Problem

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 21 Dec 2018 11:19:52 +0000 (UTC)
https://www.defenseone.com/technology/2018/12/pentagon-doesnt-know-all-software-its-networksand-s-problem/153669/

By Heather Kuldell
Managing Editor
Defense One
December 20, 2018
The Defense Department faces "unnecessary" risk without a complete software inventory, according to the agency's inspector general.
The Defense Department's poor software management practices put its networks at "unnecessary" cyber risk -- and that's on the department's chief information officer, according to the agency inspector general.
The department doesn't have an enterprisewide software application rationalization program -- an inventory of what the department owns and is in use -- as required by the Federal Information Technology Acquisition Reform Act, the Defense inspector general wrote in a report released Tuesday. Such programs help agencies get rid of duplicative or obsolete applications and avoid buying redundant software.
Instead of an enterprisewide solution, the Defense CIO in 2017 revised a Joint Information Environment objective to limit software rationalization to data centers. 

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: