Cyber hygiene involves many people, tasks

By Debbie Roulier, DLA Information Operations

PRINT  |  E-MAIL

Defense Logistics Agency employees practice cyber hygiene daily by using security software and strong passwords to protect computers and networks. DLA Information Operations’ Cybersecurity Vulnerability Management Team has also spent the past two years working with technical experts and partners throughout the agency to improve, track and maintain the cyber hygiene for DLA’s 19 mission critical systems.

"The Cyber Hygiene Program has brought together key players from across all of DLA Information Operations into a collaborative environment where problems and issues can be discussed openly to ensure the protection of all DLA's cyberspace assets. As a result, remediation timelines have been drastically reduced, which has hardened our defense against malicious threats,” said Josh Boisvert, team lead.

The team began by compiling information for all 19 systems located on internal DLA servers and in the cloud. The team then gathered weekly vulnerability scans highlighting security weaknesses and merged them into a comprehensive report on various cybersecurity issues. The report includes the Cyber Hygiene Score, a point system based on the severity and number of findings on the systems associated with each application. Reports are used to identify and prioritize the most urgent vulnerabilities and used as a reference during weekly meetings between project managers, information systems managers, technical experts and managers throughout DLA Information Operations.

“Targeting patching requirements has enabled the agency to operate in a secure environment and ensured availability during this mass telework event,” Boisvert said.

What began as a team of nine members has expanded to over 100 participants from every area of DLA Information Operations.

“This collaborative environment has done more for vulnerability management within DLA than anything else I have seen to-date,” Boisvert said, adding that cyber threats to DLA systems are real.

“The Cyber Hygiene Program reduces the attack surface of DLA’s assets and takes opportunities away from our adversaries to disrupt our mission,” he said.