Cybersecurity Is A Big Government Problem

Uploaded on 2015-12-09 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

The massive breach of the US Federal Office of Personnel Management systems that compromised the personal data of millions of Americans is still making headlines. But behind those headlines is a much bigger story about the US Government's systematic failure to protect itself from cybersecurity risks that have expanded at an alarming rate.
Perhaps nothing illustrates the challenge facing the government better than this chart from a Government Accountability Office testimony released in April that shows the number of information security incidents reported by federal government agencies in recent years:

 

Reports exploded between fiscal year 2006 and 2014, going from 5,503 to 67,168 -- an increase of over 1,100 percent, according to the testimony. Not all of those incidents represent breaches -- and only 27,624 of the incidents reported in 2014 involved personally identifiable information, the agency said. It's also possible that the chart actually shows the government is getting better at detecting when it has problems, rather than just actually having more problems. But it still clearly has some problems in that area, as evidenced by the OPM breach not being discovered until months after the initial incident, according to reporting by The Washington Post and others. Either way, the chart helps explain just how much constant vigilance is required to protect government systems. Unfortunately, the same testimony warned that government systems might not be up to the task:

For fiscal year 2014, 19 of 24 major federal agencies reported that deficiencies in information security controls constituted either a material weakness or significant deficiency in internal controls over their financial reporting. In addition, inspectors general at 23 of these agencies cited information security as a major management challenge for their agency.
Washington Post: http://wapo.st/1SNTztJ

 

« Insurance Tech Faces the Internet of Things Arms Race
First Ever EU Rules On Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Computer & Communications Industry Association (CCIA)

Computer & Communications Industry Association (CCIA)

CCIA supports efforts to facilitate and streamline information sharing on cyber threats between the private sector and the Federal Government.

ProPay

ProPay

ProPay provides secure payment solutions for organizations ranging from small businesses to large enterprises requiring complex payment solutions.

Samsung Knox

Samsung Knox

Samsung Knox brings multi-layered defence-grade security to your business’s smartphones and tablets.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

XPO IT Services

XPO IT Services

XPO IT Services are dedicated to providing secure, high quality IT recycling and asset disposal services.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

KnectIQ

KnectIQ

Building Trust Environments in a Zero-Trust World. KnectIQ offers KIQAssure, an Ultra High Security Solution for Data in Flight.

Netsurion

Netsurion

Netsurion powers secure and agile networks for highly distributed and small-to-medium enterprises and the IT providers that serve them.

Singular Security

Singular Security

Singular Security help public and private organizations minimize cybersecurity risk and pass their IT compliance audit.

Carson McDowell

Carson McDowell

Carson McDowell are one of Northern Ireland's leading law firms. We are the law firm of choice for many of Northern Ireland's Top 100 companies as well as international companies doing business here.

Auriga Consulting

Auriga Consulting

Auriga is a center of excellence in Cyber Security, Assurance and Monitoring Services, with a renowned track record of succeeding where others have failed.

HackEDU

HackEDU

HackEDU provides secure coding training to companies ranging from startups to the Fortune 500.

Punk Security

Punk Security

Punk Security are specialists in integrating security into DevOps pipelines, enabling rapid and secure development.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.