We recommend the TSA Chief Information Officer enforce the requirement for the selected High Value Asset system owner to apply security updates and service patches to remediate vulnerabilities on all devices, as required by applicable DHS policies.