Government Cybersecurity Still Lacking, Study Shows

Government cybersecurity is very much a tale of two cities. Agencies that deal with money, weapons programs, and intelligence tend to be pretty secure. Those that don’t, like the Office of Personnel Management (OPM), have a history of high-profile hacks. Though some gains in defense have been made by the OPM and the IRS, a recent analysis of 552 local, state, and federal organizations found serious deficiencies.

These include:

  • Not replacing outdated software
  • Not patching current software
  • Password reuse on administrative accounts
  • Lax individual endpoint defense, including under-protected or unprotected Internet of Things devices
  • Poor management of devised exposed to public internet servers
  • Poor IP address reputation, meaning many IP addresses associated with the government or designated for government use show suspicious activity and may be compromised

The good news? Many of these vulnerabilities are fixable.

The size of the organization didn’t tend to have a big impact on its cybersecurity effectiveness. Some smaller government organizations had strong cybersecurity showings, like the Wisconsin Court System and the City of Indianapolis, while other comparably sized organizations showed serious flaws. Basic security hygiene issues are predominant.

Picking the Low Hanging Fruit

The number of state, local and federal organizations and the lack of clear, overarching cybersecurity regulations has meant that many organizations are failing to pick low hanging fruit. Lacking any legislative changes to government cybersecurity standards, it will remain the responsibility of individual organizations to start with the basics. CertainSafe can help.

MicroEncryption® from CertainSafe

With MicroEncryption® CertainSafe breaks sensitive data down into encrypted file elements, converts them into mathematically unique ‘tokens’, and stores them in different physical locations—eliminating the possibility of a mass data breach. For ease of access, our Digital Vault provides real-time file retrieval from an easy-to-use data storage system that’s ensured by MicroEncryption technology. For more information, please visit our homepage or contact us today.