Federal operators of critical systems agree that other nations are the biggest cybersecurity threat. That's what the Government Accountability Office found out in its latest survey. Greg Wilshusen, GAO's director of information security issues, fills in the details on Federal Drive with Tom Temin.
Cybersecurity experts say the government needs to address gaps in its IT systems and workforce to strengthen its defenses against data breaches, threats that are now a part of everyday federal operations.
The federal government has designated 15 private sector industries as being or operating critical infrastructure. Each one has a corresponding federal agency with whom that industry shares cybersecurity threat information. Trouble is, the so-called sector-specific agencies haven't done a good job in assessing whether the infrastructure operators are getting better at cyber. That's according to the Government Accountability Office. Its director of cybersecurity issues, Greg Wilshusen, tells Federal Drive with Tom Temin more.
Even though the Office of Personnel Management is responsible for the biggest breach to federal employee data in history, it is by no means the only agency having a tough time addressing cybersecurity vulnerabilities. The number of cybersecurity incidents government-wide is up from about 5,500 in fiscal 2006 to more than 67,000 in fiscal 2014 — and those are just the incidents agencies have reported. Information security has been on the Government Accountability Office's High Risk list since 1997. Greg Wilshusen is director of information strategic issues at the GAO. He tells In Depth guest host Jared Serbu why agencies are having a hard time coming up with risk-based cyber programs.
Steph Warren, VA's CIO, said he moved money out of projects and into cybersecurity to ensure the agency gets rid of as many material weaknesses as they can. The decision to move money comes as Congress turns back up the heat on VA to correct long-standing and systemic cyber shortcomings.
Open enrollment for health care insurance through the federal exchange is coming around again. Congress, among others, is wondering if the exchange and its website HealthCare.gov are secure. The Government Accountability Office took a look. It found some issues. Greg Wilshusen is the information security issues at GAO. He testified last week about what auditors say need to be done. He joined Tom Temin on the Federal Drive with details.
Agencies are still facing several challenges when it comes to cybersecurity. They continue to deploy new technologies and business practices to fend off the cyber threats, but the Government Accountability Office says the number of data breaches has more than doubled over the last several years. Greg Wilshusen, director of Information Security Issues at the GAO, joined Federal Drive hosts Tom Temin and Emily Kopp to discuss the problem and GAO's ideas for fixing it.
Rep. Jackie Walorski (R-Ind.) introduced the Veterans Information Security Improvement Act that would explicitly require VA to take steps to repair operational and procedure holes in its network and computer security processes.
On the In Depth show blog, you can listen to the interviews, find more information about the guests on the show each day and links to additional resources.
The contract includes "very stringent" IT security requirements. The announcement follows a data breach that affected 123,000 TSP participants in 2011.
The Federal Energy Regulatory Commission said it needs authority to enforce cybersecurity standards. The agency also wants Congress to expand its jurisdiction over electric grid operators.
The Department of Homeland Security says cyber attacks against the federal government jumped by 40 percent last year.
Greg Wilshusen, GAO\'s Director of Information Security Issues shares his thoughts in the latest Mindshare
Pervasive and sustained cyber attacks continue to pose a potentially devastating threat to the systems and operations of the federal government. And federal agencies face many challenges in combating this threat. Greg Wilshusen is the Director of Information Technology at the Government Accountability Office.