[vc_row type=”grid” video_bg=””][vc_column width=”2/3″ dp_animation=””][vc_column_text dp_animation=””]

What can we learn from these government agencies that are failing external audits in protecting our data?

[/vc_column_text][/vc_column][vc_column width=”1/3″ dp_animation=””][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column width=”1/3″ dp_animation=””][vc_column_text dp_animation=””]From Charles Robbins[/vc_column_text][space size=”30″][/vc_column][vc_column width=”1/3″ dp_animation=””][vc_column_text dp_animation=””]August 30, 2021

What can we learn from these government agencies that are failing external audits in protecting our data? In general, these agencies “consistently failed to implement certain key cybersecurity requirements including encryption of sensitive data, limiting each user’s access to the information and systems needed to perform their job, and multi-factor authentication”. From reading through these three simple tasks, at your organization, it begins with an assessment. We contact the platform developer to get their CSF certification, the data on their penetration tests and their encryption standard. Oh, if you are at a government agency or large enterprise, the developer is missing all three. Failure point 1.[/vc_column_text][/vc_column][vc_column width=”1/3″ dp_animation=””][vc_column_text dp_animation=””]In your assessment, you check 25 random accounts. In the first five you have checked, the users have too much access and have not met their security credentials requirements and training. Failure point 2. In the assessment, we can use their station under our login and there is not 100% MFA. Failure point 3. This type of audit does not need to take expensive external teams to find your problems. Any executive can do this inspection. We do ask executives all the time why they are not aware of these issues. Once leaders start to get control of their own departments, they can fix the data security issues by applying the NIST standard.[/vc_column_text][vc_separator css=”.vc_custom_1629903638689{padding-top: 18px !important;padding-bottom: 24px !important;}”][vc_column_text dp_animation=””]Related article: A new Senate report: Federal cybersecurity gets a C- | Popular Science (popsci.com)[/vc_column_text][vc_empty_space][vc_column_text dp_animation=””]

TechR2 does ISO 31000 Assessments for our clients and for IBM’s clients.

[/vc_column_text][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column dp_animation=””][vc_separator][/vc_column][/vc_row][vc_row type=”grid” video_bg=””][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-left”][/vc_column][vc_column width=”1/2″ dp_animation=””][vc_widget_sidebar sidebar_id=”posts-footer-block-right”][/vc_column][/vc_row]