The Washington Post is reporting on the release of a new White House cybersecurity report titled “Federal Cybersecurity Risk Determination Report and Action Plan” (I just submitted it to GPO as a fugitive document!). The report has some very disturbing results showing that federal agencies across the government are struggling to get secure. Read on.
The White House and the Department of Homeland Security have finished a governmentwide review examining the security of federal agencies, and the results aren’t pretty.
Dozens of federal agencies have cybersecurity programs that aren’t properly equipped to deal with cyber intrusions in their networks, according to a new report released by the White House Office of Management and Budget. Of the 96 federal agencies examined, a whopping 71 were relying on cybersecurity programs deemed “at risk or high risk.”
…The report found that 12 agencies had “high risk” programs, meaning key cybersecurity tools weren’t in place or weren’t deployed sufficiently. Fifty-nine agencies had “at risk” programs, meaning some of the right policies were in place but there were “significant gaps” in terms of security. OMB also noted that federal agencies lacked the visibility into their own networks that would help them detect attempts to steal data and respond to other cyber incidents.
Although the report doesn’t identify which agencies had cybersecurity problems, the scope of the issues described in the report makes it clear that both small and large agencies alike have a ton of work to do, said Stewart Baker, former assistant secretary for policy at DHS.
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.