Home / News / Rep. Jason Chaffetz: Agencies Strive to Meet Security Updates Deadline

Rep. Jason Chaffetz: Agencies Strive to Meet Security Updates Deadline

cybersecurityRep. Jason Chaffetz (R-Utah), chairman of the House Oversight and Government Reform Committee, has pointed up the struggle of various agencies in implementing security patches on time for critical vulnerabilities, Federal News Radio reported Wednesday.

Meredith Somers writes Chaffetz told committee members at a hearing Wednesday that 39 out of more than 360 vulnerabilities have yet to be fixed 10 months after the Department of Homeland Security ordered agencies to ensure flaws are patched within a month.

Andy Ozment, DHS assistant secretary for cybersecurity and communications, said these critical vulnerabilities include legacy software tools and unsupported devices, according to the report.

Rep. William Hurd (R-Texas) cited a December hack into Juniper Networks‘ ScreenOS software used by NASA and the departments of Treasury and Commerce during the hearing, Somers reports.

“Of the 12 agencies affected, three, including the [Treasury], took longer than 50 days to fully install patches and mitigate the threat posed by this vulnerability,” Hurd explained to the committee.

Lawmakers currently work on various bills to push for the modernization of outdated systems.

Rep. Steny Hoyer (D-Md.) introduced the Information Technology Modernization Act in April to finance the update for old federal IT systems, FCW’s Aisha Chowdhry reported Thursday.

The report said Sens. Jerry Moran (R-Kan.) and Tom Udall (D-N.M.) crafted the Cloud Infrastructure Transition Act in a bid to authorize the Federal Risk and Authorization Management Program to accredit commercial cloud service providers and help create working capital funds for IT modernization.

Check Also

USCIS Launching System Modernization, Supply Chain Security Initiatives

The U.S. Citizenship and Immigration Services is working on modernizing its systems and fortifying software security at the supply chain level, Federal Times reported Friday. Adrian Monza, chief of the Department of Homeland Security component's cyber defense branch, told the publication that USCIS is launching “very significant” modernization efforts and that other agencies must be able to defend their networks against threats to financial databases.

Leave a Reply

Your email address will not be published. Required fields are marked *