https://www.defenseone.com/technology/2018/12/pentagon-doesnt-know-all-software-its-networksand-s-problem/153669/
By Heather Kuldell
Managing Editor
Defense One
December 20, 2018
The Defense Department faces "unnecessary" risk without a complete
software inventory, according to the agency's inspector general.
The Defense Department's poor software management practices put its
networks at "unnecessary" cyber risk -- and that's on the department's
chief information officer, according to the agency inspector general.
The department doesn't have an enterprisewide software application
rationalization program -- an inventory of what the department owns and is
in use -- as required by the Federal Information Technology Acquisition
Reform Act, the Defense inspector general wrote in a report released
Tuesday. Such programs help agencies get rid of duplicative or obsolete
applications and avoid buying redundant software.
Instead of an enterprisewide solution, the Defense CIO in 2017 revised a
Joint Information Environment objective to limit software rationalization
to data centers.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
