Eight federal agencies have failed to deal with weaknesses in their information technology infrastructure resulting in vulnerabilities for millions of Americans’ personal information, according to a bipartisan staff report released this week by U.S. Sen. Rob Portman (R-OH).
“After a decade of negligence, our federal agencies have failed at implementing basic cybersecurity practices, leaving classified, personal, and sensitive information unsafe and vulnerable to theft,” Sen. Portman said on June 25. “The federal government can, and must, do a better job of shoring up our defenses against the rising cybersecurity threats.”
The report, “Federal Cybersecurity: America’s Data at Risk,” documents a 10-month investigation by the U.S. Senate Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations (PSI), which is chaired by Sen. Portman and ranking member U.S. Sen. Tom Carper (D-DE).
“Hackers with malicious intent can and do attack federal government cyber infrastructure consistently. In 2017 alone, federal agencies reported 35,277 cyber incidents,” said Sen. Portman.
The PSI reviewed 10 years of Inspectors General reports on compliance with federal information security standards for the U.S. Department of Homeland Security (DHS) and the federal departments of State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, Education, and the Social Security Administration, which were cited by the Office of Management and Budget (OMB) as rating the lowest for cybersecurity practices.
The PSI investigation found many common vulnerabilities, including that seven agencies failed to adequately protect personally identifiable information, while all eight agencies use legacy systems or applications that are no longer supported by the vendor with security updates.
Additionally, the report found that DHS failed to address cybersecurity weaknesses for at least a decade and operated systems lacking valid authorities to operate for seven consecutive fiscal years.
Recommendations include permitting OMB to require agencies to adopt its risk-based budgeting model and to ensure that chief information officers are authorized to make organization-wide cybersecurity decisions.
Others, among several, call for having federal agencies prioritize cyber hiring and to require them to include progress reports on cybersecurity audit remediation in their annual budget justification submissions to Congress.
“I look forward to continuing my work with Senator Carper and my bipartisan colleagues to address this issue to ensure the safety and security of Americans’ sensitive information and federal agency assets,” said Sen. Portman.
New bipartisan legislation offered by U.S. Sen. Susan Collins (R-ME) aims to reduce the medical…
U.S. Sens. Mike Rounds (R-SD) and Todd Young (R-IN), members of the Bipartisan Senate AI…
U.S. Rep. Andrew Garbarino (R-NY) sponsored a bipartisan bill that would support rescue, rehabilitation, reintroduction,…
U.S. Rep. August Pfluger (R-TX) on May 15 led a bipartisan bill that aims to…
The U.S. House Ways and Means Committee on May 15 voted unanimously to approve legislation…
U.S. Reps. Bryan Steil (R-WI) and Stephanie Bice (R-OK) this week offered legislation to bolster…
This website uses cookies.