Bad Cyber Security practices in 8 Government Agencies

1435

Over 8 government agencies have been reported for practicing bad when it comes to following a cybersecurity protocol while handling data of US populace, thus exposing it to hackers.

The report which was made public yesterday by US Senators Rob Portman and Tom Carper, the high ranking members and chairman of US Senate Permanent Subcommittee on Investigations related to Homeland Security and Governmental Affairs.

Cybersecurity Insiders has learned that the report was compiled after analyzing data of the past ten years pertaining to Inspector General with regards to compliance with federal information security standards.

It took over 10 months to create the report with regards to the cybersecurity compliance of over 8 US government agencies and the list as follows 1) The Department of State 2.) The department of transportation 3.) The department of housing and urban development 4.) The Department of agriculture 5.) The department of health and human services 6.) The department of education 7.) The social security administration and 8.) The Department of Homeland Security

US Senate has confirmed that the IT managers of the departments never showed interest in keeping the software updates to the system to date and never maintained cyber hygiene for connecting devices exposing them to various cyber vulnerabilities.

IT staff of the agencies never tried to make changes or improve the security posture in their work environment and so this has deteriorated the situation furthermore. For instance, the agencies used legacy systems or applications which were never supported by the manufactures like the usage of Windows XP which is now an obsolete product of Microsoft.

As most of the Chief Information Officers working for the agencies did not have the ability to take technical decisions on an open note, the IT infrastructure of the state government was totally in a Limbo putting the data of Americans at risk.

Ad
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display