Of eight federal agencies audited for their cybersecurity posture, only one showed improvement in 2020. That agency was the Department of Homeland Security (DHS). A report from the Senate highlighted; seven of the eight agencies use legacy systems that no longer receive security updates from the vendor. The report found through testing, multiple agencies could not properly protect employee data and left it vulnerable to attacks. The report also noted that the state department could not provide documentation for the majority of employees that have access to classified networks. Newly appointed National Cyber Director, Chris Ingles, is working to establish a federal government wide cybersecurity strategy to rectify these issues.
Analyst Notes
Following the report, Senate is calling for Congress to update the 2014 Federal Information Security Modernization Act to require agencies to notify DHS of cyber incidents. Legislation has also been introduced to allow the Cybersecurity and Infrastructure Security Agency to lead federal cybersecurity operations and update intrusion detection systems.
Sources:
https://www.cyberscoop.com/senate-homeland-federal-cybersecurity-ig-report/
