Over the past year, Russia and the People’s Republic of China conducted successful cyber espionage campaigns against federal agencies, compromising some of the United States’ most sensitive information.
The American public may wonder why federal networks remain vulnerable to serious data breaches despite the government spending billions on cybersecurity programs. But new reports from key congressional committees reveal lawmakers’ apparent concerns that the Department of Homeland Security’s key cybersecurity technologies are insufficient to guard against nation-state attacks.
The House Appropriations Committee included alarming language in its report accompanying the fiscal year 2022 funding bill for the Department of Homeland Security, which passed the committee last month. “The Committee is increasingly concerned with the ability of adversaries to circumvent and use existing cybersecurity solutions to gain access to critical systems and data,” the report notes. The appropriators requested more information from Homeland Security about the department’s main cybersecurity technology programs to understand if they are working as well as “an examination of emerging technologies that could improve the government’s data security and protection."
In August, the Senate Homeland Security and Governmental Affairs Committee, led by Sens. Gary Peters and Rob Portman, issued a bipartisan staff report reviewing the state of the federal government’s cybersecurity. The news wasn’t good. Across the federal government, the committee found that large agencies were earning a grade of “C-” and that agencies had made little progress since 2019. The Senate panel also detailed major weaknesses in the Department of Homeland Security’s technology programs. “[The department’s] flagship cybersecurity program for Federal agencies—the National Cybersecurity Protection System (NCPS), operationally known as EINSTEIN—suffers from significant limitations in detecting and preventing intrusions,” committee staff warned.
These congressional committees and panels, which are responsible for funding and overseeing federal cybersecurity, are raising serious concerns that should be a wake-up call to the American public. The federal government’s secrets and the public’s data remain at risk. A closer look at the Department of Homeland Security’s cybersecurity technology projects shows that taxpayers have been spending billions on insufficient cybersecurity technologies despite long-standing concerns.
Click here to read the full article from Lawfare.