Australia markets closed
  • ALL ORDS

    7,702.90
    -56.90 (-0.73%)
     
  • ASX 200

    7,403.70
    -56.50 (-0.76%)
     
  • AUD/USD

    0.7268
    -0.0027 (-0.37%)
     
  • OIL

    71.96
    -0.65 (-0.90%)
     
  • GOLD

    1,753.90
    -2.80 (-0.16%)
     
  • BTC-AUD

    66,985.09
    +535.36 (+0.81%)
     
  • CMC Crypto 200

    1,193.48
    -32.05 (-2.62%)
     
  • AUD/EUR

    0.6195
    +0.0002 (+0.03%)
     
  • AUD/NZD

    1.0318
    +0.0013 (+0.13%)
     
  • NZX 50

    13,234.55
    +155.04 (+1.19%)
     
  • NASDAQ

    15,333.47
    -182.44 (-1.18%)
     
  • FTSE

    6,963.64
    -63.84 (-0.91%)
     
  • Dow Jones

    34,584.88
    -166.44 (-0.48%)
     
  • DAX

    15,490.17
    -161.58 (-1.03%)
     
  • Hang Seng

    24,920.76
    +252.91 (+1.03%)
     
  • NIKKEI 225

    30,500.05
    +176.71 (+0.58%)
     

Senate report warns of glaring cybersecurity holes at federal agencies

·Contributing Writer
·2-min read

Several US federal agencies are unprepared to protect the personal information of everyday Americans should they become the target of a cyberattack, according to a new report put together by the Senate Homeland Security Committee. The panel found that out of eight federal bodies, including the departments of State, Transportation and Education, only Homeland Security complied with the Federal Information Security Modernization Act (FISMA), an Obama-era law Congress passed to enable the US government to better respond to online threats.

"All agencies failed to comply with statutory requirements to certify to Congress they have implemented certain key cybersecurity requirements including encryption of sensitive data, least privilege and multi-factor authentication," the report said.

This content is not available due to your privacy preferences.
Update your settings here to see it.

As The Record points out, one of the more glaring oversights the panel found was that the State Department left thousands of employee accounts on its classified and unclassified networks active even after those individuals left the agency. In another particularly worrisome example, the Department of Agriculture had vulnerabilities on its websites that it wasn't aware of. What's more, at least seven of the eight agencies the panel audited were using outdated and unsupported IT systems, leaving them vulnerable to attacks. "It is clear that the data entrusted to these eight agencies remains at risk," the report said.

"From SolarWinds to recent ransomware attacks against critical infrastructure, it's clear that cyberattacks are going to keep coming," Senator Rob Portman, the panel's top Republican, said on Twitter. "It is unacceptable that our own federal agencies are not doing everything possible to safeguard America's data. I am concerned that many of these vulnerabilities have been outstanding for the better part of a decade — the American people deserve better."

Among other recommendations, the report highlights the need for a single agency to oversee federal cybersecurity. To that end, the panel suggests Congress update the Federal Information Security Modernization Act to make the law better reflect current cybersecurity practices and establish the Cybersecurity and Infrastructure Security Agency as the federal lead for those types of issues. It also recommends amending FISMA to require agencies to notify both CISA and, in some instances, Congress when they become entangled in a major incident.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting