6 Biggest Blunders in Government's Annual Cyber Report Card

[InfoSec News <alerts () infosecnews org>]

http://www.nextgov.com/cybersecurity/2015/03/6-biggest-blunders-governments-annual-cyber-report-card/106512/

By Aliya Sternstein
Nextgov.com
March 2, 2015

The White House has released its yearly assessment of agency compliance 
with the governmentwide cyber law known as the Federal Information 
Security Management Act. And given the spate of breaches and hacks that 
hit both government and the private sector, the results may not be all 
that surprising.

Sensitive agency data is often not encrypted. Many departments do not use 
two-step verification for accessing government networks, despite 
post-Sept. 11 requirements that employees carry login smart cards. And 
cyber training is deficient in one of the most unlikely areas…

2014’s Biggest Federal Computer Security Blunders

1. Federal agencies reported 15 percent more information security 
incidents in fiscal 2014 compared to fiscal 2013, rising from 60,753 to 
nearly 70,000 events. These incidents included phishing attempts, malware 
infections and denial-of-service attacks, as well as leaks of paper 
records and sensitive emails sent without encryption.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/