|
|
|
|
|
|
by at-fates-hands
2562 days ago
|
|
|
> Instead let's create a new government agency or pivot the NSA from it's dumb paranoid reactionary posture to more of a proactive NIST-style advisory role on best practices It's similar to working in infosec though. You do the pen tests, you find and identify the vulnerabilities and write up your report. Then its up to the municipal entity to put whatever your recommendations are in place to fix what they found. I have a large number of friends in the community who say they can do the work and identify issues, but often times, they come back six months or a year later and stuff they highlighted as critical fixes were still not taken care of. It's the old, "You can lead a horse to water. . " saying, right? The real issue is how you implement these fixes on a continuous basis to keep the network safe? |
|
|