US Senate report finds government agencies failing to improve cyber posture

A report published by US Senate Committee has found only one of eight federal agencies showed improvements in strengthening their cybersecurity programs.

According to Cyberscoop, the Senate Homeland Security and Governmental Affairs Committee found that only the Department of Homeland Security showed improvements during 2020.

The report detailed concern about the state of many US federal agencies’ cyber standing following an overall 8% rise in security incidents across agencies. It also highlighted the increased scrutiny of federal cybersecurity by lawmakers following last year’s SolarWinds hack which infiltrated nine government agencies.

It was also found in the report that seven of the eight government agencies reviewed still use legacy systems that no longer have security updates that are supported by their vendor – an issue that can leave some agencies vulnerable to foreign hackers, claims the report.

 The report highlighted, “It is clear that the data entrusted to these eight key agencies remain at risk. As hackers, both state-sponsored and otherwise, become increasingly sophisticated and persistent, Congress and the executive branch cannot continue to allow [personally identifiable information] and national security secrets to remain vulnerable.”

Among the various agency findings, the report found that the US State Department was unable to provide documentation for around 60% of the employees sampled that had access to its networks. At the Department of Education, its inspector general found that it was able to steal hundreds of files of personal information from the agency – including credit card numbers – without being automatically blocked.

The report concluded that the US Congress needs to update the 2014 Federal Information Security Modernisation Act to require federal agencies to notify the Cybersecurity and Infrastructure Agency of cyber cases as well as to formalise the agency’s role in leading cybersecurity operations.

Meanwhile, the Senate Homeland Security and Governmental Affairs Committee proposed a primary office to coordinate with agencies for a federal government cybersecurity strategy should be established. According to National Cyber Director Chris Inglis, this is an approach the US government is currently working on.

Copyright © 2021 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.