Home / News / Report: Commerce Dept. Cybersecurity is Inadequate

Report: Commerce Dept. Cybersecurity is Inadequate

Commerce Dept. CIO Simon Szykman; Photo: ocio.os.doc.gov

Intellectual property crime in the cyber age has long been a concern, with one notable estimate putting the loss by American business at $1 trillion.

However, a new report by the Commerce Department’s inspector general suggests the agency tasked with promoting economic growth needs to secure its own networks as well.

According to the Commerce Department’s IG, the agency’s cybersecurity is “not adequate.”

The report identified four areas of concern:

1)      The risk of a serious breach because of serious vulnerabilities is higher than once thought.

2)      The process for reporting and tracking security weaknesses is deficient.

3)      Inadequate contingency planning threatens the ability to restore data after a disruption.

4)      “Persistent deficiencies” reduce the overall level of information assurance.

The IG recommends the agency revise its current cybersecurity practices by “providing specific implementation guidance that will ensure more effective and consistent practices across” the Commerce Deptartment.

The report also advises further action from management so that the deficiencies can be “rectified.”

The Patent and Trademark Office is particularly vulnerable, FierceGovernmentIT reports. The report found 30.5 vulnerabilities per computer even though previous internal audits found only 1.7 vulnerabilities per computer.

There has been little official response to the report, according to FierceGovernmentIT. The IG’s report says Commerce’s Chief Information Officer Simon Szykman “concurred with our findings and recommendations.”

Check Also

Symantec Exec Jeff Greene Named NCCoE Director

Jeff Greene, vice president of global government affairs and policy at Symantec, has been appointed director of the National Cybersecurity Center of Excellence, Inside Cybersecurity reported Tuesday.

Leave a Reply

Your email address will not be published. Required fields are marked *