Premium Content

Access "Audit failure: How one lab raised IT security awareness and its audit grade"

Published: 24 Dec 2012

Year after year, security audits of Argonne National Laboratory were, in a word, abysmal. On a network that lacked even basic firewall protection, every desktop and server was essentially open to the outside world. Breaking in was a cinch. The appalling reviews -- regardless of who conducted them -- were hardly surprising at the Department of Energy's oldest lab, located in suburban Chicago and devoted to everything from nanotechnology to supercomputing. When it came to investing in science or security, security always got the short end. Argonne's scientific community had little interest in protecting assets under a decentralized system that did little to foster cooperation. Finally, in early 2001, management that had for so long paid lip service to security decided it was time to stop taking so much lip. The lab was determined to overhaul its Cyber Security Program Plan -- a flawed, largely ignored document that was at the heart of its audit failures. Too often, Argonne's security policy mimicked the loose language of DOE mandates, failing to clearly ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free