1/26/2015 - The Veterans Affairs Department's computers and networks got a clean bill of health from third-party experts. The analysis comes 18 months after VA came under intense scrutiny at a House Veterans Affairs Committee hearing for having major cybersecurity vulnerabilities.
VA hired Mandiant, the cybersecurity company, to examine its networks and systems, specifically looking at domain controllers and Internet gateways.
Steph Warren, the executive in charge of VA's Office of Information and Technology and chief information officer, said the report's finalized findings were consistent with what he said during a November hearing before the House Veterans Affairs Committee.
"They assessed where things were. They assessed the entire network in terms of looking at what the threats were with a primary focus on our domain controllers and they worked our perimeter. We run through Trusted Internet Connects or four gateways so they also looked at the traffic on the gateways," Warren said Friday during a briefing with reporters. "The results of their conclusion — that final report — was that none of the domain controllers had evidence of compromise and they did not see evidence in the logs they reviewed or anything around those devices."
VA provided reporters with a copy of the executive summary of the report, but Warren said they couldn't release the entire report yet as it was still going through legal review.
The executive summary stated Mandiant also didn't find any evidence of data staging or theft, such as the loss of credentials, personal information or personal health information or VA sensitive information. read more>>>
No comments:
Post a Comment