A new study from the Information Technology and Innovation Foundation says 92 percent of the U.S. federal government’s most popular websites do not meet basic standards for security, speed, mobile friendliness or accessibility.

ITIF said Wednesday it analyzed 297 U.S. government websites in the top 1 million websites worldwide and assessed them on criteria such as security, speed, mobile friendliness and accessibility.

“Considering that many constituents rely on federal websites to interact with government, it is incumbent upon the new administration, supported by Congress, to make websites more convenient, accessible, and secure,” said Alan McQuinn, an ITIF research analyst.

The foundation identified healthdata.gov, healthfinder.gov, consumerfinance.gov, whitehouse.gov and usembassy.gov as the top five highest-performing websites under the current administration.

ITIF’s report also ranked usphs.gov, fmc.gov, osti.gov, trade.gov and ipcc-wg2.gov as the lowest performing websites among those studied.

Ninety-two percent of the reviewed websites failed in at least one of four categories while 33 percent failed the test for Secure Sockets Layer certificates, ITIF said.

SSL is a standard technology for encrypted internet communications that executive branch websites are required to use.

The study revealed that 14 percent of surveyed websites lacked SSL certificates while 19 percent had SSL but failed the test due to substandard implementation.

Websites of the Defense Department, International Trade Administration and U.S. Courts are among those that failed the test for SSL certificates.

Ten percent of federal websites failed to deploy a set of protocols called Domain Name System Security and used to secure domain name system lookup and exchange processes.

ITIF also found that 22 percent of websites failed the speed test for desktops; 64 percent failed the mobile device speed test; 41 percent were not mobile-friendly; and 42 percent were not accessible for users with disabilities.

FBI Director James Comey has outlined the bureau’s five-point strategy to mitigate cyber intrusions during his speech at a forum held Wednesday at Boston College.

Comey said the bureau implemented several initiatives to boost operations and hiring practices; clarify investigative measures in U.S. and foster cooperation abroad; and sanction malicious cyber behavior, according to an FBI press release published Wednesday.

The bureau’s strategy also includes provision of training, equipment and task forces to increase the “digital literacy” of state and local partners as well as better collaboration with private sector entities.

Comey noted industry members are the primary targets of cyber attacks but majority of these organizations do not seek law enforcement support after a cyber breach.

The director added cyber criminals include nation-states, multinational syndicates, insiders, hacktivists and terrorists who are after information, access and advantage.

“We’re not only worried about loss of data, but corruption of that data and lack of access to our own information,” Comey stated.

He said that public and private sector entities can help address threats through reduced vulnerabilities, accountability and mitigation of damage.

The conference is a joint effort of FBI and Boston College’s Cybersecurity Policy and Governance master’s degree program.