Cybersecurity is high on the federal agendas and comes with various challenges; risk awareness, mitigation policies, threat detection software, modern systems and efficient procurement practices and a lack of top talent.
On this episode of CyberChat, host Sean Kelley, former Environmental Protection Agency chief information security officer, is joined by retired Homeland Security senior executive and founder of GotUrSix TV, Keith Trippie.
The future of cyber is in automation of controls and continuous authorization, Trippie said. An information system must be granted authority to operate (ATO) before it becomes operational, and must be re-authorized at least every three years. Continuous authorization or ongoing authorization involves shifting from periodic to ongoing assessment and facilities a continual state of awareness.
“Hackers will not care if ATOs are updated or current, automation of controls and embedding controls in the app will give you continuous visibility into what the vulnerabilities are,” Trippie said. “Through continuous authorization you can reduce costs and enhance cyber posture by taking advantage of all the new technologies around automation,…