Submitted by sfreidus on Tue, 12/26/2017 - 13:28
No longer can security programs rely on “if it’s not broke, don’t fix it” — adversaries could already be inside systems, stealing data or probing to get in. Too many CIOs and CISOs have thought their systems and data were secure when in fact the opposite was true. Security programs need effective protection of valuable information and systems to prevent data breaches, and to comply with the ever increasing federal compliance requirements (such as the Federal Information Security Management Act (FISMA), the Privacy Act, policy and guidance from the Office of Management and Budget (OMB) an