In IT, as in life, the greatest risks and opportunities are in the shadows.
Bipartisan legislation is quietly on its way to President Biden’s desk that could reduce cybersecurity risk at the Department of Veterans Affairs (VA) and create the opportunity for Congress to tackle a growing government-wide problem: the proliferation of IT devices and systems being used without proper approval, commonly known as Shadow IT.
Senators Jacky Rosen, D-Nev., and Marsha Blackburn, R-TN, introduced the Strengthening VA Cybersecurity Act of 2022 earlier this year in the Senate and Rep. Frank Mrvan, D-Ind., chairman of the House Veterans Affairs Committee’s Technology Modernization Subcommittee, introduced the House version…
From the perspective of the employee using Shadow IT, the path of least resistance can lead to efficiencies. But from the perspective of an enterprise charged with protecting the health records, data, and personal information of millions of veterans, Shadow IT poses real risks. Large enterprises require layers of financial, security, and operational controls to protect data and operational stability. Without full visibility and awareness of operations, Federal agencies cannot fully mitigate their cybersecurity risk and ensure the ongoing stability of their networks.
“We must do everything we can to protect our veterans’ personal information and medical records,” said Senator Rosen in a recent statement. “I’m glad Congress has passed our bipartisan legislation to protect the sensitive data for veterans across Nevada and our country, and I look forward to it becoming law soon.”…