The New Consensus Security Audit Guidelines: Expert Matt Brown on How Implementation Will WorkMay 11, 2009

 

The Wharton Aerospace & Defense Report recently published an article about the growing number of attacks against Defense Department and defense contractor computer networks, and how weak the response has been generally to such attacks for years.

Just after our article appeared, as if to underline the problem, new reports noted that digital spies had infiltrated government computers and stolen several terabytes of data related to the Pentagon's $300 billion Joint Strike Fighter project. Now the Obama administration plans to create a new military command to protect computer networks from intrusion, and the Defense Department will hire hundreds more cybersecurity experts.

In the meantime, a consortium of federal and defense agencies and private companies have compiled guidelines — known as Consensus Audit Guidelines (CAG) — that define the most critical security controls required to protect federal and defense industry systems. How those guidelines get implemented has some companies worried because of the complexity of working with the new criteria.

To provide some insight into this critical issue, the Wharton Aerospace & Defense Report spoke with Matt Brown, the vice president for Information Assurance Services at Knowledge Consulting Group, who also spoke on this subject at the recent Cyber Security Conference & Expo in Washington, DC. Read the full interview here