Showing 2 ideas for tag "operational"

2. Business Initiated Vulnerabilities

Supported ITAPS recommendations

(Paragraphs preceded by [Non-ITAPS] are expanded recommendations to more explicitly address questions not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force)

How can agencies sharpen focus on vulnerabilities created by (or exposed by) uninformed business/program users and the array of technology solutions embedded in service delivery that does not account for cyber?

[Non-ITAPS]...

Voting

1 vote
Public Input

2. Business Initiated Vulnerabilities

Create Gov Wide "Security Maven" Program for Gov IT Developers

Walmart achieved a 92% reduction in security defects by creating a "Security Maven" role to drive security best practices into their software development teams that greatly outnumbered their security teams.

IT security in government is typically organized as a silo focused on protecting production systems. A government-wide security maven program would help tear down the existing "expertise" and "contractual" barriers...

Voting

4 votes
Public Input