The federal agency that oversees cyber security for the government could stand to be a little more secure itself, according to an audit released by the Department of Homeland Security (DHS).
For example, the department’s National Cyber Security Division should routinely test firewalls and document the results every three months to protect its own systems from hackers or attacks. “Existing vulnerabilities can compromise the confidentiality, integrity, and availability of sensitive cyber security data,” the DHS inspector general’s audit report said.
The cyber division also needs to do a better job of tracking network problems as they arise and to deploy the appropriate security software patches. Lapses in those areas were highlighted when the audit team ran two system scans a year apart, and found several high risk vulnerabilities caught in the first scan still lingering a year later.
Not all the problems identified were confined to cyber space. The cyber-crime unit must keep its computer server rooms between 60 and 70 degrees, with humidity between 35 and 65 percent. In one Florida facility, the inspector general found “four computer consoles in the server room recorded temperatures of 40 degrees, 75 degrees, 77 degrees and 82 degrees. The humidity in the server room was 78 percent.”
FAST FACT: The cyber security division uses a network dubbed MOE, for Mission Operating Environment, to share security incident data and IT anomalies among its staff. A separate technology nicknamed Einstein, for National Cyber Security Protection System, detects intrusions and defends against attacks.
Other new reports released by agencies including the Government Accountability Office (GAO) and various federal Offices of Inspector General (OIG):
* IRS must make sure it can identify taxpayers required to repay tax credit for first-time home buyers (OIG)
* Most taxpayers who go to local IRS offices for help are generally satisfied with the customer service they receive (OIG)
* Continuing increases in obesity rates could add 3 percent to U.S. per capita health care spending by 2020 (Congressional Budget Office)
* Pentagon pays higher administrative costs associated with university research grants than the Health and Human Services Dept. (GAO)
* Homeland Security Dept. has “material weakness” in information technology controls over its financial reporting (OIG)