Comment: US Government Institutions Not Complying With Cybersecurity Laws

An audit of Mississippi government institutions has revealed an alarming lack of compliance with standard cybersecurity practices and with the state’s own enterprise security program. A survey of 125 state agencies, boards, commissions, and universities conducted by the Office of the State Auditor (OSA) revealed that only 53 had a cybersecurity policy in place. Eleven reported having no security policy or disaster recovery plan whatsoever.


EXPERTS COMMENTS
Ilia Kolochenko, Founder and CEO,  ImmuniWeb
October 14, 2019
Sadly, most of the governmental agencies in the US and Europe are similarly underprotected.
Sadly, most of the governmental agencies in the US and Europe are similarly underprotected. The government usually lacks financial resources and are unable to effectively compete on the market for cybersecurity talents. Moreover, purchasing and procurement processes are usually quite complicated and slow, exacerbating the situation. Hierarchy is likewise complicated, obscuring accountability and responsibility for cybersecurity. Cybercriminals widely regard government as low-hanging fruit, running targeted attacks and ransomware campaigns against it. Worse, most of the data-theft attacks are sophisticated enough to never get detected and reported, differently from quite “noisy” ransomware incidents. Simplification of internal processes, budget increase, holistic visibility of digital assets and continuous security monitoring – are all indispensable for the government to survive in the hostile digital environment.

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :



Join the Conversation

Join the Conversation


In this article