Working from a tip, names and SSNs of several people involved in DOJ investigations were found to be accessible on their public website with a minimum of effort. If the .gov is this bad, how can they expect businesses to be better?
Ready to actually get the RMF/ISSO job?
Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).
Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community
Leave a Reply