Bruce Brody, CIO of the Veterans Affairs Department, had some advice today for agencies working to improve the security of their networks. “Trust me, centralization is the only way to get it done,” he said. Brody offered his advice at the GOVSEC security conference in Washington while outlining his department’s progress since he took on the task in March 2001. VA is the first cabinet-level department to establish central cybersecurity technology and operational controls at the department level, he said. When he became associate deputy assistant secretary for cyber and information security, VA had been given an F in former Rep. Steve Horn’s cybersecurity report card. The agency’s widely distributed operations—163 medical centers, more than 800 clinics, 57 regional benefits offices and 206 outreach centers—had collected a hodge-podge of 30 networks, each independent and cobbled together. “Lots of unauthorized connections to the Internet,” Brody said. “A real mess. Implementing security in an environment like this was just not feasible.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.