Adrian Johnson
TLDR:
– Health and Human Services has moved much of its IT into commercial cloud computing.
– The HHS Inspector General completed an audit on the security of applications operated by the Office of the Secretary.
Like many departments, Health and Human Services has transitioned a significant portion of its information technology to commercial cloud computing. While cloud computing offers numerous benefits, it also requires careful attention to cybersecurity. The HHS Inspector General conducted an audit focusing on the security of applications operated by the Office of the Secretary. The audit aimed to determine whether the necessary cybersecurity controls were in place to prevent or detect cyber attacks that could harm operations. The audit identified gaps in security controls and recommended actions to address them, emphasizing the importance of complete and accurate cloud inventory, addressing security control findings, implementing security control assessment tools, and training security officers. The Department of Health and Human Services took immediate action to address the recommendations and improve cloud security.
