1. Computing

The U.S. government is worse at cybersecurity than just about everyone else

Lulu Chang
By

Cybersecurity Act of 2012 SECURE IT Act
Looking for another reason to mistrust the government? Its shoddy cybersecurity practices may be just the ammunition you need. New data from security risk benchmarking startup SecurityScorecard suggests that when it comes to safe practices online, U.S. federal, state, and local government agencies rank dead last in comparison to 17 major private industries, including transportation, retail, and healthcare. The report examined the “overall security hygiene and security reaction time” of government institutions, paying special attention to NASA, the FBI, and the IRS, all of which were hacked earlier this year.

Topics of interest included vulnerability to malware infections, exposure rates of passwords, and susceptibility to social engineering, among other criteria.

The results were none too complimentary for our government. “Across all industries surveyed by SecurityScorecard,” the report notes, “U.S. government organizations received the lowest security scores. SecurityScorecard tracked 35 data breaches among all U.S. government organizations between April 2015 and April 2016.”

The biggest deficiencies were found within three categories of security; Malware Infections, Network Security, and Software Patching Cadence. Shockingly, 90 percent of state organizations scored an “F” in Software Patching Cadence, and 80 percent received the same score in Network Security.

But the worst offender of all was NASA, who received the lowest score among all 600 U.S. government organizations surveyed. Joining the bottom feeders were the U.S. Department of State, and the IT systems of Connecticut, Pennsylvania, and Washington.

The Obama administration has certainly made attempts to address the overarching insufficiency of cybersecurity practices currently in play across a range of agencies. President Obama has asked for $19 billion from Congress to improve tech defenses, including $3.1 billion to modernize the IT infrastructure at a number of federal agencies.

“With serious data breaches making headlines on what seems like a weekly basis, our team felt compelled to turn a spotlight on government agencies and determine which of them are demonstrating a commitment to securing their infrastructure and which are falling short,” said Dr. Luis Vargas, senior data scientist at SecurityScorecard. “The data we uncovered clearly indicates that while some are improving their security postures, too many are leaving themselves dangerously exposed to risks and vulnerabilities, especially at the larger federal level.”

Editors' Recommendations

Why the FTC (and everyone else) is trying to block Nvidia from buying ARM

ARM logo on the side of a building.

The best TV shows on Amazon Prime Video right now

George and Louise Jefferson from The Jeffersons, sitting on the couching smiling.

The 100 best Android apps (December 2021)

best Android apps

How to watch Fury vs. Wilder 3 online in the U.S.

Fury vs Wilder 3 weigh in and face to face picture.

With Tesla bleeding money, Elon Musk initiates hardcore spending review

Tesla Model Y front

Best refurbished MacBook deals for December 2021

macbook pro 13 inch vs air m1

Amazon Echo vs. Echo Dot: Battle of siblings

Amazon Echo Dot (4th Gen) with Clock front

The magnificent Pixel 6 Pro should make you very excited about a Pixel Watch

Pixel 6 Pro with the Pixel 6, and Pixel 4a in the middle.

The best Combat Shotgun loadouts in Call of Duty: Vanguard

Combat Shotgun in Call of Duty: Vanguard.

Smart lighting voice control guide

Philips Hue Appear Outdoor smart light.

Best SSD deals for December 2021

OCZ SATA SSD

Smart lighting for safety and security

Wyze Cam Floodlight

Best gaming deals for December 2021

father and son playing video games