Rep. Jason Chaffetz: Agencies Strive to Meet Security Updates Deadline

cybersecurityRep. Jason Chaffetz (R-Utah), chairman of the House Oversight and Government Reform Committee, has pointed up the struggle of various agencies in implementing security patches on time for critical vulnerabilities, Federal News Radio reported Wednesday.

Meredith Somers writes Chaffetz told committee members at a hearing Wednesday that 39 out of more than 360 vulnerabilities have yet to be fixed 10 months after the Department of Homeland Security ordered agencies to ensure flaws are patched within a month.

Andy Ozment, DHS assistant secretary for cybersecurity and communications, said these critical vulnerabilities include legacy software tools and unsupported devices, according to the report.

Rep. William Hurd (R-Texas) cited a December hack into Juniper Networks‘ ScreenOS software used by NASA and the departments of Treasury and Commerce during the hearing, Somers reports.

“Of the 12 agencies affected, three, including the [Treasury], took longer than 50 days to fully install patches and mitigate the threat posed by this vulnerability,” Hurd explained to the committee.

Lawmakers currently work on various bills to push for the modernization of outdated systems.

Rep. Steny Hoyer (D-Md.) introduced the Information Technology Modernization Act in April to finance the update for old federal IT systems, FCW’s Aisha Chowdhry reported Thursday.

The report said Sens. Jerry Moran (R-Kan.) and Tom Udall (D-N.M.) crafted the Cloud Infrastructure Transition Act in a bid to authorize the Federal Risk and Authorization Management Program to accredit commercial cloud service providers and help create working capital funds for IT modernization.

Check Also


FireEye to Provide Cybersecurity Defenses to Texas DIR; Pat Sheridan Quoted

FireEye, Inc. has announced that it will offer cyber security defenses to Texas public sector agencies, under Texas Department of Information Resources (DIR), the company reported on Thursday. Through the end of 2020, FireEye security products and Mandiant Solutions services will be available to all Texas agencies, county governments, cities and school districts through DIR’s Bulk Purchase Initiative for Endpoint Detection and Response (EDR) solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *