Cybersecurity Controls Assessment

July 22, 2019

DAS is the state’s central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification.

Spotlight

Livesquare Security

Welcome to LiveSquare Security. We deliver real-time, global, data driven security technology for your enterprise while saving you time, personnel expenses, and money. The speed, quality, and quantity of new threats to Internet systems and software have been dramatically increasing. Attackers now use automation, global collaboration, seek greater efficiency, and are developing ever more powerful threats every day.

OTHER WHITEPAPERS
news image

How to Build and Mature Your AppSec Program

whitePaper | January 24, 2023

Achieving an optimal security posture for your business happens when technology, automation, infrastructure, architecture, and security policies are in alignment across the company. This white paper provides concrete strategies to mature your AppSec program and achieve code security at scale based on your organization’s needs.

Read More
news image

Cybersecurity Considerations for Distributed Energy Resources on the U.S. Electric Grid

whitePaper | October 26, 2022

To address the impacts of climate change, the U.S. electric grid will be undergoing significant changes by integrating clean energy resources such as solar and wind. These efforts will be accelerated with the recent passage of the Infrastructure Investment and Jobs Act1 and the Inflation Reduction Act.

Read More
news image

The Trellix Approach to Effective Cloud Security

whitePaper | October 27, 2022

In many ways, the cloud1 is more secure than a traditional data center. Asset management, inventory, audit logging, two-factor access controls, connectivity redundancy and firewalls are built into the cloud provider platform. Servers are easier to patch and won’t become outdated within a few years; there aren’t any forgotten boxes sitting in a dark corner with a note reading, “DO NOT TURN OFF.” However, assets on the cloud continue to be compromised, just as those stored in traditional data centers.

Read More
news image

Log More to Improve Visibility and Enhance Security

whitePaper | September 29, 2022

As the amount of system log data grows exponentially, security teams and threat hunters routinely must limit how much they can collect and how long they can store it because of the performance limitations and costs associated with traditional log management tools.

Read More
news image

Scenarios for the Future of Cybercrime - White Paper for Decision Makers

whitePaper | January 28, 2020

Project 2020 is an initiative of the International Cyber Security Protection Alliance (ICSPA). Its aim is to anticipate the future of cybercrime, enabling governments, businesses and citizens to prepare themselves for the challenges and opportunities of the coming decade. It comprises a range of activities, including common threat reporting, scenario exercises, policy guidance and capacity building.

Read More
news image

Harness Advanced Push-to-talk to Transform Physical Security Operations

whitePaper | December 21, 2022

Hytera’s mission is to develop the future-proof solutions with a holistic approach to your critical communications system and service needs, support public safety agencies in making the city safer, and enable security organisations to keep the enterprise more secure and ensure the safety and security of responders and staff, through driving more efficiency, effectiveness and productivity to operation and management of both daily operations and critical emergencies, while reducing the cost.

Read More

Spotlight

Livesquare Security

Welcome to LiveSquare Security. We deliver real-time, global, data driven security technology for your enterprise while saving you time, personnel expenses, and money. The speed, quality, and quantity of new threats to Internet systems and software have been dramatically increasing. Attackers now use automation, global collaboration, seek greater efficiency, and are developing ever more powerful threats every day.

Events