Home / News / Rep. Jason Chaffetz: Agencies Strive to Meet Security Updates Deadline

Rep. Jason Chaffetz: Agencies Strive to Meet Security Updates Deadline

cybersecurityRep. Jason Chaffetz (R-Utah), chairman of the House Oversight and Government Reform Committee, has pointed up the struggle of various agencies in implementing security patches on time for critical vulnerabilities, Federal News Radio reported Wednesday.

Meredith Somers writes Chaffetz told committee members at a hearing Wednesday that 39 out of more than 360 vulnerabilities have yet to be fixed 10 months after the Department of Homeland Security ordered agencies to ensure flaws are patched within a month.

Andy Ozment, DHS assistant secretary for cybersecurity and communications, said these critical vulnerabilities include legacy software tools and unsupported devices, according to the report.

Rep. William Hurd (R-Texas) cited a December hack into Juniper Networks‘ ScreenOS software used by NASA and the departments of Treasury and Commerce during the hearing, Somers reports.

“Of the 12 agencies affected, three, including the [Treasury], took longer than 50 days to fully install patches and mitigate the threat posed by this vulnerability,” Hurd explained to the committee.

Lawmakers currently work on various bills to push for the modernization of outdated systems.

Rep. Steny Hoyer (D-Md.) introduced the Information Technology Modernization Act in April to finance the update for old federal IT systems, FCW’s Aisha Chowdhry reported Thursday.

The report said Sens. Jerry Moran (R-Kan.) and Tom Udall (D-N.M.) crafted the Cloud Infrastructure Transition Act in a bid to authorize the Federal Risk and Authorization Management Program to accredit commercial cloud service providers and help create working capital funds for IT modernization.

Check Also

Vice Adm. Matthew Kohler on Navy’s Current Information Warfare Approach

Vice Adm. Matthew Kohler, the top information warfare officer at the U.S. Navy, told C4ISRNET in an interview published Monday that the service considers information warfare as decisive both in daily operations and high-end kinetic fight. “In information warfare, while the rest of the warfare areas are involved in the high-end conflict [eventually], we consider the high-end conflict now. Constant contact with the enemy in terms of cybersecurity, being able to operate within the [electromagnetic spectrum], all of those. We consider ourselves in contact with the adversary now,” Kohler said. 

Leave a Reply

Your email address will not be published. Required fields are marked *