The Government Accountability Office (GAO) recently released a report re-iterating the need for stronger data protections at Federal agencies. The report, “Federal Agencies Need to Better Protect Sensitive Data,” shows that data security incidents continue to rise, up to 67,168 incidents reported in 2014. The GAO has attributed this rise in the number of incidents to a number of deficiencies at federal agencies that put data and systems at unnecessary risk.
Earlier this year, the GAO released a report indicating persistent weaknesses in security programs in all 24 federal agencies examined. These witnesses include deficiencies in areas of access control, software and hardware configuration, and deployment of security management programs. Such deficiencies had continued despite the “hundreds of recommendations” made to agencies by the GAO and inspectors general over recent years.
In this new report, the GAO makes particular note of weaknesses with the design and implementation of information security controls. 19 of 24 agencies covered by the Chief Financial Officers Act declared cybersecurity as a significant deficiency or material weakness, with most of the 24 agencies struggling with limiting, preventing, and detecting inappropriate access to computer resources and managing the configurations of software and hardware.
Over the past six years, the GAO has made about 2,000 recommendations to federal agencies to improve information security programs and controls, with only 58% of these recommendations implemented. These figures are troubling, adding fuel to the increased scrutiny that government agencies face when it comes to data security.
Delivering on the promise of data security while working with government agencies is more challenging than ever before. Government customers trust Absolute as a proven partner and a technology leader in persistent endpoint security and data risk management. Learn more about Absolute’s solutions to address data security and mobility in the public sector here.