[email protected] (John Crossno) writes: > It had everything to do with "legacy" network security, not following > best security practices, etc. Where the research talks about > investments in modernization, they imply that the problem is "archaic" > 30-year old COBOL systems, when that really isn't supported by the > research at all (contradictions?). They really mean that when the > distributed network security is modernized with security best > practices, advanced intrusion and malware detection, use of > MFA/PIV/etc, there's a reduction in the number of incidents.
re: http://www.garlic.com/~lynn/2017c.html#60 [EXTERNAL] ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#61 [EXTERNAL] ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#69 ComputerWorld Says: Cobol plays major role in U.S. government breaches http://www.garlic.com/~lynn/2017c.html#70 ComputerWorld Says: Cobol plays major role in U.S. government breaches the enormous outsourcing to "for-profit" operations (especially owned by private-equity company) that occured last decade ... and the rapidly spreading "success of failure" culture ... especially failures of dataprocessing projects, a series of failures is more profit than immediate success http://www.govexec.com/excellence/management-matters/2007/04/the-success-of-failure/24107/ including example of outsourcing security clearances to private-equity owned beltway bandits that were filling out the paperwork, but not bothering to do background checks http://www.investingdaily.com/17693/spies-like-us His security clearance was handled by yet another private firm, one now being probed on suspicion of insufficient diligence in such investigations. ... snip ... there was subsequent news that possibly all clearances performed these firms would have to be redone by in-house gov. agencies. note, not just new dataprocessing (including networks), but article also mentions failed legacy dataprocessing modernization efforts. past posts http://www.garlic.com/~lynn/submisc.html#success.of.failure we had consulted (essentially for free) on the backend dataprocessing for the year 2000 census (when the effort was audited, I was asked to standup in front of the room and answer all the questions). In the early part of the century, we tried to do something similar for the VA hospital dataprocessing and met with the head staffer on the hill for the VA. They had just come off failed billion dollar dataprocessing modernization effort and was gearing up for a couple billion dollar followon. Turns out what we wanted to do was one of the biggest threats to beltway bandits ... impacting their bottom line. -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
