Steven Hernandez, U.S. Department of Health and Human Services, OIG Chief Information Security Officer

Manage For Security Now - And In The Future

  • When reviewing new applications, be sure that the services shown are the services that will be delivered without additional cost.
  • Ensure your infrastructure is sufficient for whatever technologies you plan to implement. The responsibility for improving infrastructure usually falls to the agency.

“Lessons learned from Phase 1: We’re making sure that what we bring on board is priced correctly so that it’s just what we need in terms of capability.”

At the U.S. Department of Health and Human Services (HHS), Steven Hernandez, chief information security officer to the
HHS Inspector General, says that the tools the DHS has imposed are often robust and the implementers good at what they do. “They know how to do this,” he explains. “Initially, everything works great; then, you begin implementation and things start to get a bit wonky.”

This is an excerpt from CDM From the Frontlines. The eBook was generously sponsored by Tenable.