The California State Auditor’s office has issued a new report “High Risk Update—Information Security” which is available Here. The detailed report’s basic conclusion is that “despite the need to safeguard the State’s information systems, our review found that many state entities have weaknesses in their controls over information security. These weaknesses leave some of the State’s sensitive data vulnerable to unauthorized use, disclosure, or disruption.” Jonathan Sander, VP of product strategy for Los Angeles-based Lieberman Software commented on the report that finds sensitive data at risk for at least 73 Callif. agencies.
[su_note note_color=”#ffffcc” text_color=”#00000″]Jonathan Sander, VP of product strategy Lieberman Software :
“Reading the High Risk Update on Information Security, just issued by the California State Auditor, it is clear that there is blame for everyone and little chance that the state’s systems are ready to meet an attack.
Much of the update focuses on compliance with Chapter 5300 of the State Administrative Manual – one of 65 chapters covering everything from payroll to transportation. The refrain is that less than half of the agencies who did self-assessments report they have met the state’s standards. Since this comes from an auditor’s point of view, it’s no surprise that it focuses on compliance and assessment.
Though the report talks about breaches and attacks, it does very little to address true threat response and cyber defense. It’s hard to blame them, though, seeing that this compliance-focused security thinking is state of the art for most, even while the bad guys take all our data straight to the bank.”[/su_note][su_box title=”About Lieberman Software” style=”noise” box_color=”#336588″]Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically securing privileged access – both on-premises and in the cloud – Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.