https://www.nextgov.com/cybersecurity/2019/06/census-cybersecurity-plan-full-holes-watchdog-says/157444/
By Jack Corrigan
Staff Corresponden
Nextgov
June 3, 2019
Federal auditors uncovered numerous holes in the Census Bureau’s plans for
combating the significant cybersecurity and tech threats facing the 2020 count,
which could leave officials struggling to respond to disruptions.
The Government Accountability Office found the bureau’s plan for mitigating
cybersecurity risks during the 2020 Census left out many of the defensive
tactics officials previously said they would use to defend IT systems from
attack. For example, the initial plan included no information about how the
bureau would gather threat intelligence from other federal agencies, something
officials had long said they planned to do, auditors said in a report published
Friday.
After GAO pointed out the omission, Census officials updated the plan to
include threat sharing activities, but it remains “just one of several
[cybersecurity] services” other agencies are expected to perform on the
bureau’s behalf, auditors said.
“If the bureau’s plan for mitigating cybersecurity risks to the census omits
such key activities, then the bureau is limited in its ability to track and
assess those activities, and to hold individuals accountable for completing
activities that could help manage cybersecurity risks,” they wrote.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
