U.S. Federal Agencies Score Terribly on Cybersecurity

in #security, 6 years ago

The May 2018 Federal Information Technology Acquisition Reform Act (FITARA) scorecard reported dismal cybersecurity preparedness for U.S. federal agencies. FITARA now includes a metric for grading agency cybersecurity postures, tied to the Federal Information Security Management Act (FISMA). 

Of the 23 agencies:
 9 - Failed (grade F)
 9 - Received a D
 5 - Earned a C, which was the highest grade achieved by any agency

The report also indicated that federal IT systems are increasingly obsolete, with outdated software and hardware. In at least one case, an agency was using systems over 50 years old.

There is significant room for improvement. Until then, the U.S. federal infrastructure and services are at significant risk from digital attacks.   

The upside is the fact that cybersecurity postures are being measured consistently and reported. It is tough to make headway if decent metrics do not exist. Quantifying the problem is a step in the right direction.    

Watch the Congressional Committee on Oversight & Government Reform hearing

The Subcommittee on Information Technology and the Subcommittee on Government Operations announce and discuss the latest results:

Ego Beyond Reality

It is easy to believe your organization is doing well if there aren’t any credible audit results to the contrary. The FITARA report card should help federal agencies understand where they truly stand.   

For example, it is tough to reconcile how the Department of Homeland Security wants to train businesses on cybersecurity, yet itself scores so poorly. Most recently, it scored a D grade on FITARA for cyber.

A realistic understanding of the landscape and threats is necessary to properly manage risk. Knowing your deficiencies is a crucial part of success.


The May 2018 FITARA 6.0 Scorecard can be found here: https://oversight.house.gov/wp-content/uploads/2018/05/OGR-Scorecard-6.0-v2.pdf      


Interested in more? Follow me on your favorite social sites for insights and what is going on in cybersecurity: LinkedIn, Twitter (@Matt_Rosenquist), YouTube, Information Security Strategy blog, Medium, and Steemit 

I'm wondering now if some covert operations were found because of poor cyber security.

Wow that’s some scary stuff. It just shows how important it is to stay up to date and continue to make IT investments.

wow. those scores should be pretty embarrassing for them. p.s. love the title

Sad scores. ...and we rely on the government to protect us! Looks like they can't even protect themselves.

Hm... I wonder why? lol

Thanks, brother, for sharing good information with us.

WAOW it's really alarming! If terrorists start to attack the US through the numeric word, it would be a disaster...
It could really happen when I'm thinking about

If you start misusing the technology then you are bound to suffer the backlash. But please don't forget the various benefits you have got from the development in the technology.
