by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : May 30, 2013
JODY BRAZIL is president and chief technology of cer at FireMon, a provider of enterprise security management solutions. Commentary | JODY BRAZIL We are nearly three months into sequestration, and the world --- or even the U.S. government --- has not ground to a screeching halt. By the same token, all the talk about the cuts shocking elected leaders to their senses and prompting an agreement to negate the sequester seems to have died down as well. That doesn t mean the cuts have not been deep. It doesn t mean that many employees --- both govern- ment workers and contractors --- will not lose their jobs or that new programs and initiatives are not being canceled or delayed. But nor does it mean IT leaders are relieved of the responsibility of securing our IT assets and manag- ing our risk at acceptable levels. This era of sequestration means we must work smarter with the assets we have now. The pre- cious few dollars we have should be used to capitalize on what is already in place rather than rip- ping out and starting over. It is an opportunity to better manage current assets for greater operating ef ciency. According to some govern- ment of cials, for the most part, critical infrastructure security has not been drastically cut. What is already in place will generally remain in place, at least for now. New projects could be scaled back, but even then, massive cuts seem unlikely. The most dif cult task might well be how to make do with fewer employees. Although new technol- ogy purchases for cybersecurity might still be possible, the staff to implement and maintain that tech- nology is not nearly so protected. That means IT executives must use technology to manage assets effec- tively. Automation and visibility can help you manage with fewer people, and when looking at new technology, better management of existing infrastructure should be a prime consideration. Another area that could be subject to sequestration-related cuts is the move to next-generation rewalls and other security appli- ances. However, that does not mean you cannot improve your security posture with the network security gear you have right now. For instance, there is probably no shortage of rewalls in your network today, but understand- ing what rules are in place and why is another matter. Learning to make do with what you have is the key to successfully navigating the sequester. Another strategy is to under- stand what the true risks are so that you don t spend money you do not have on things that are not a real concern. It is natural to worry about assets that are vulnerable, but very few of us investigate whether those vulnerabilities are exploitable. Fewer still take the next step and ascertain whether those exploitable vulnerabilities are reachable. If they are not, why waste precious resources on them? And if they are reachable and exploitable, what is the most ef - cient way to manage that risk? It might not necessarily mean spend- ing more money. Instead, it could be as simple as a network con gu- ration setting. A more enlightened approach to risk management that helps you identify the risks in a network and how best to manage them could wind up saving big money. Tools and tactics that allow agencies to capitalize on existing assets are the best ways to squeeze the most out of shrinking budgets. There will be a time soon when we can think about upgrading our network security appliances and infrastructure. But that doesn t mean we can t be more secure and manage risk better today. Invest in what you already have in place. Manage better, work smarter, and don t use the sequestration as an excuse to let down your guard about information security. ■ Can the sequester make us smarter about security? Agencies can achieve a much bigger bang for their precious bucks by investing in better management of existing security assets Learning to make do with what you have is the key to successfully navigating the sequester. May 30, 2013 FCW.COM 11
May 15, 2013
June 15, 2013