For both 2013 and 2014, the Nuclear Regulatory Commission scored a zero on use of strong authentication to secure their computer networks and the sensitive data managed by the agency, an executive branch report said.
By comparison, the office of Housing and Urban Development, the Labor Department and the Small Business Administration also scored zero on both years, while most other government agencies increased their security efforts in 2014 compared to the year before.
Nine agencies scored zero in 2013, while only four of those repeated that score in 2014.
By contrast, the most recent Federal Information Security Management Act (FISMA) report said the Department of Defense scored 89 percent in 2013 and 87 percent in 2014, while the Social Security Administration scored an 85 percent on both years. The next highest rating was given to the Commerce Department, which scored a 30 percent in 2013 and an 88 percent in 2014.
Nine agencies posted scores of 69 percent or higher for 2014.
The report called 2014 a pivotal year in cybersecurity. “Federal agencies reported nearly 70,000 information security incidents in Fiscal Year 2014, up 15 percent from FY 2013,” the report said. “Strong Authentication remains a key challenge.” The overall score for strong authentication was 72 percent in 2014, but the report noted “this is partially buoyed by the size and strong performance of the Department of Defense.”
Taking the DOD out of the equation, drops the overall score to 41 percent, the report said.
The attacks on the networks come in a variety of ways, including denial of services, improper usage, phishing, social engineering and use of malicious codes.
NRC scored high in the category of information security continuous monitoring, with a 95 percent score in 2013 and an 89 percent score in 2014. The averages for these scores are high, however, coming in at 81 percent in 2013 and 92 percent in 2014 among 24 agencies.
NRC also made the grade in TIC (trusted internet connections) traffic consolidation, earning a passing score, along with 19 others. And it was one of only four agencies to hit the target of 100 percent in TIC capabilities in 2014.
In addition the Office of Management and Budget, which complied the report, noted that President Obama has asked Congress for an additional $582 million in fiscal year 2016 for efforts to beef up cybersecurity, including the EINSTEIN 3 security program, which is being deployed by the Department of Homeland Security.
Anonymous comments will be moderated. Join for free and post now!
