The US government seemed to have initiated a 30-day security sprint to fix the most important vulnerabilities in their network (). I guess it is a good approach to generate attention and fix the immediate issues. What I do not get is how they are able to address IAM issues in such a short period of time:
However, I do not expect such events to really improve security as it can only help to address the vulnerabilities introduced in the system over time. As we all know, security is a journey â€“ and a constant process to fight the criminals.