Federal Cybersecurity: America’s Data Still at Risk

Is America safe from a cyber-attack? Apparently not.

The Senate Committee on Homeland Security and Governmental Affairs recently revealed this alarming fact, and says so far, the federal government is not making much headway in implementing the latest cybersecurity measures.

The group was first tipped off to the problem in 2019 when its Subcommittee, the Permanent Subcommittee on Investigations issued a bipartisan report that found eight key federal agencies failed to meet basic cybersecurity standards and protocol.

The eight agencies included: the Departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, Education and Social Security Administration.

Looking back over a decade, the 2019 report revealed these agencies failed to properly protect Americans’ personally identifiable information; did not maintain a list of the equipment and programs on agency networks and failed to promptly install security patches to ward off hackers. The report also found that all eight agencies were operating outdated computers systems that are difficult to maintain and secure.

This prompted a follow-up investigation, and the report released by the Senate Committee in August of 2021 shows little to no improvement. Many of the same cybersecurity issues remain and by 2020, only the Department of Homeland Security developed an effective regime to protect America’s sensitive data.

Other problems identified in 2020 include:

  • The State Department left thousands of accounts active after an employee left for extended periods of time on both classified and unclassified networks.
  • The Department of Transportation had no record of tens of thousands of its IT assets.
  • Significant number of vulnerabilities were found on the Department of Agriculture’s public facing websites.
  • Investigators were able to breach hundreds of sensitive files at the Department of Education, including 200 credit card numbers without the agency detecting it.

Bottom line: data entrusted to these agencies remains at risk.

With the recent rise in large-scale cyber incidents and hackers becoming more sophisticated and persistent, the threat to the federal government grows every day.

In 2020, the White House reported 30,819 information security incidents across the federal government-an 8% increase from the prior year.

The Committee promises to continue to track the implementation of the latest cybersecurity requirements across all federal agencies to ensure America’s data remains private and protected.

Read the full report from the Senate Committee on Homeland Security and Governmental Affairs here.