• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
The Oakmont Group

The Oakmont Group

Helpful Advice about Podcast Promotion

  • Federal Tech Podcast
  • Podcasting Success Blog
  • About

Ep. 42 Vulnerability Management for Federal Systems

January 3, 2023

apple podcasts logo
spotify logp
willie hicks
Willie Hicks, Dynatrace
dynatrace

All systems, including federal systems, are full of vulnerabilities. The question is, given a limited number of hours in the day and a limited staff, how can you optimize your resources to remedy this issue?

Well, the Cybersecurity & Cyberinfrastructure Security Agency (CISA) has released a Binding Operative Directive (BOD) that targets that concern. It was released on November 10, 2023, and is titled, “Transforming the Vulnerability Landscape.”

During today’s interview, Willie Hicks from Dynatrace will look at the whole issue of discoverability and what impact this new BOD will have on the federal community.

If you examine the BOD from 40,000 feet, it transfers the focus from the federal technology leaders to the vendors. Instead of having a security announcement buried on a vendor’s website, CISA suggests it be posted in a machine-readable format. This way, updates can be automatically sent out so they can be ingested. 

"there are problems are always digging through logs to try to figure that out. And honestly, those methods especially as environments have become more and more complex"

Willie Hicks, Dynatrace Tweet

The Vulnerability Exploitability eXchange helps users know if a given product is impacted. The military knows that if you defend everything you defend nothing. It allows links to the Software Bill of Materials so users can know about which vulnerabilities they should worry.

Finally, they look at something called the Stakeholder Specific Vulnerability Exchange. This reinforces the fact that not all vulnerabilities impact all federal agencies. CISA suggests that agencies consider vulnerability frameworks that can assist in reducing risk.

Will Hicks applies his years of experience in federal technology to unpack many of these concepts during the interview. He reinforces the concept of visibility. One cannont set appropriate priorities if one doesn’t know what is on the network.  Once that essential step is accomplished, then an administrator can use guidelines to set priorities.

If you enjoyed this article, you may want to listen to Ep. 16 Artificial Intelligence & Cloud Management for Federal Applications

Transcript for podcast
Transcript for Ep. 42
Federal Tech Podast
John Gilroy

John Gilroy

Has been in front of a microphone since 1991.  He can help you structure, launch, and promote your company podcast.  johngilroy@theoakmontgroupllc.com  

Federal Tech Podcast Dynatrace,  Ep 42,  Willie Hicks

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

federal tech podcast logo

The purpose of the Federal Tech Podcast to discuss innovation to reduce cost for federal technology. Contact us if you think you are a good fit.

Recent Posts

  • Ep. 75 Digital Transformation Culture at the DLA
  • Ep. 74 Digital Transformation of an Enterprise Financial System
  • Ep. 73 How to Build Federal Systems for Scale and Resilience
  • Ep. 72 How Federal Leaders can get Value From Data Management
  • Ep. 71 Equity and Federal Identity with Socure
constellations podcast from Kratos

Fascinated by going to Mars?

Right now in Los Angeles a company is 3D printing rockets;  30,000 satellites will be launched in the next five years; satellite communications have advanced so far that companies are using normal cell phones to connect to satellites.  How to keep up with all this excitement?  The Constellations Podcast from Kratos.

Let’s work together

Get in touch with us and send some basic info about your podcast.

Appear on Federal Tech Podcast

Footer

Social

Follow along on social media.

email

johngilroy@theoakmontgroupllc.com

Policy

Policy for The Oakmont Group

Copyright © 2023 · Business Pro Theme on Genesis Framework · WordPress · Log in