The Register
The infosec program run by the US' Consumer Financial Protection Bureau (CFPB) "is not effective," according to a fresh audit published by the Office of the Inspector General (OIG).
A summary of the report, dated October 31 and published on Monday, stated that since the OIG's previous audit, the CFPB's overall cybersecurity posture has decreased from level-4 maturity, defined as "managed and measurable," to level-2 maturity – "defined."
The two main factors adversely affecting the efficacy of its infosec management are sub-par maintenance of system authorizations and its failure to establish cybersecurity risk profiles.
Cybersecurity risk profiles describe an organization's current and target cybersecurity posture and help prioritize security outcomes based on its policies, risk priorit
America News
Raw Story
AlterNet
Reuters US Top
Reuters US Domestic
Mediaite