Audit , Governance & Risk Management

Why Organizations Fail to Implement Proper Security Safeguards and What They Can Do About It

Why Organizations Fail to Implement Proper Security Safeguards and What They Can Do About It

The complexity of information technology and the constantly evolving threat landscape makes implementing appropriate controls and processes to secure information assets a major challenge for most enterprises in and out of government. The number of vulnerabilities organizations face is mindboggling: the National Institute of Standards and Technology vulnerability database tops 82,000, and that doesn't count unknown vulnerabilities.

See Also: Tried and Tested Best Practices for Active Directory Security

For a dozen years, Gregory Wilshusen and his team of auditors and technical specialists at GAO, the investigative arm of Congress, have issued some 200 reports containing nearly 3,500 recommendations on U.S. federal government IT security, and have identified common problems organizations face and the reasons they often fail in securing information technology. Wilshusen identifies the common areas agencies struggle with to secure their IT and prevent breaches, including access controls, identity and authentication management, continuous monitoring, patch implementation and software testing; explain typical reasons organizations fail to take proper actions to secure their organizations' IT; and recommend solutions organization should take to mitigate this problem.

Though Wilshusen's focus is on government agencies, his findings and recommendations also apply to enterprises outside the federal government, including the private sector.

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.