brassballs.blog

View Original

Thursday's White House report says 71 out of 96 federal agencies are at "significant risk" of being hacked

Three out of four federal agencies are at significant risk of being hacked, according to Thursday's report from the Office of Management and Budget (OMB). Federal agencies are unable to "detect when large amounts of information leave their networks", stated the report.

This means federal "agencies are spending billions of dollars on (computer) security ... without fully understanding the dangers they are facing", said Suzette Kent (pictured above).

She is Federal Chief Information Officer, Office of Management and Budget.

https://www.cio.gov/2018/05/30/Risk-Report/

The report is called "Federal Cybersecurity Risk Determination Report and Action Plan". It is 22 pages and is linked here:

https://www.whitehouse.gov/wp-content/uploads/2018/05/Cybersecurity-Risk-Determination-Report-FINAL_May-2018-Release.pdf

The OMB found 71 out of 96 federal agencies have computer information security programs that were either "at risk" or at "high risk". Only 25 agencies were reported to be managing risk using recommended tools and policies.

Twelve agencies or 12.5 per cent are at "high risk" of being hacked, according to the Office of Management and Budget.

The names of the 96 federal agencies are omitted from the report.

Their report also found that federal agencies were unable to "identify the method of attack" of 11,802 cyber incidents (38 per cent). These attacks resulted in either "compromise of information" or the system worked improperly.

In 2016, federal agencies reported 30,899 cyber incidents.

The Office of Management and Budget (OMB) is a branch of the Executive Branch of government. It is part of President Donald J. Trump's administration.

https://www.whitehouse.gov/articles/strengthening-the-cybersecurity-of-federal-networks-and-critical-infrastructure/

Federal civilian agencies spent $5.7 billion on computer information security in 2017. The year before it was five billion dollars.

Other federal agency findings were:

  • 16 per cent met government standards for protecting data 
  • Seven per cent of all network users are unable to be identified and verified
  • 73 per cent never tested or verified whether their computer network was secure