FB pixel

U.S. senators voice concern over State Department cybersecurity

U.S. senators voice concern over State Department cybersecurity
 

A group of bipartisan U.S. senators have voiced their concern over State Department cybersecurity.

Senators Cory Gardner (R-CO), Ron Wyden (D-OR), Ed Markey (D-MA), Rand Paul (R-KY), and Jeanne Shaheen (D-NH), called on the State Department to adopt basic cybersecurity measures to protect against phishing, hacks, and other cyberattacks in a letter released yesterday.

Following multiple reports from outside auditors highlighting the department’s failure to adopt measures like multi-factor authentication and regular security audits, which are mandated by the Federal Cybersecurity Enhancement Act, the bipartisan group of five senators raised concerns in a joint letter to Secretary of State Mike Pompeo.

The senators said in the letter that a “password-only approach is no longer sufficient to protect sensitive information from sophisticated phishing attempts and other forms of credential theft.”

The letter also noted that according to a 2018 General Services Administration (GSA) assessment of federal cybersecurity, the State Department had only deployed enhanced access across 11 percent of required agency devices. This not only puts the department at risk, the senators wrote, but it also violates federal law that requires agencies to use multi-factor authentication for all computer accounts with “elevated privileges” utilized by personnel with administrative duties.

“The Department of State’s Inspector General (IG) found last year that 33 percent of diplomatic missions failed to conduct even the most basic cyber threat management practices, like regular reviews and audits,” said the senators. “The IG also noted that experts who tested these systems ‘successfully exploited vulnerabilities in email accounts of Department personnel as well as Department applications and operating systems.’

“We are sure you will agree on the need to protect American diplomacy from cyberattacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of multi-factor authentication.”

The letter reflects aggravation among lawmakers at the lack of movement on cybersecurity issues, especially after President Trump signed an executive order last year to hold agency heads accountable for increasing cybersecurity defenses.

In recent years, the Government Accountability Office (GAO) has issued literally dozens of audit reports to Congress and appropriate federal agencies, and made nearly 2,500 recommendations to these federal agencies to improve their implementation of information security and access security controls.

Article Topics

 |   |   | 

Latest Biometrics News

 

IAM funding deals and dev challenge aim to solve enterprise identity threat

Identity security is under grave threat. For all of its advantages, digital identity represents a vulnerability that can be leveraged…

 

WISeKey in talks with several African govts for digital ID systems rollout

Swiss digital ID provider WISeKey has announced that it is negotiating with an undisclosed number of African governments for the…

 

Biometrics startup gets accelerator backing for Africa, Middle East expansion

Startup Vove ID has secured funding from The Baobab Network to support an expansion of its biometric KYC and AML…

 

NHIs see new funding, products and security approaches

Non-human identities (NHI) like AI agents now outnumber human users in many organizations. Companies are coming up with products to…

 

White House includes NSF research on deepfakes among threats to free speech

The U.S. National Science Foundation (NSF) has new priorities, and while some might call them great priorities – tremendous priorities,…

 

Infineon powers demo of edge biometrics for user onboarding

Edge AI and embedded systems developer embedUR unveiled a pair of solutions for computer vision and biometric onboarding made with…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events