From: Federal Times
By NICOLE BLAKE JOHNSON
Most agencies got low marks on the White House’s latest quarterly scorecard measuring their progress in improving cybersecurity.
With the exception of the Defense Department and the General Services Administration, agencies are well below the administration’s 2014 goal for requiring 90 percent of federal workers and contractors to use Personal Identity Verification (PIV) cards to access agencies’ information systems. The cards help agencies ensure only authorized employees have access to their information systems.
Most agencies have issued cards, but at half of the 24agencies reporting, only 2 percent or less of employees are using them. DoD and GSA are the exceptions, where 84 percent and 93 percent of employees use the cards.
Being able to identify who is on agency systems is one of three areas measured on the scorecard, released Friday.
Also scored :
• Agencies must verify what hardware is connected to their networks and whether it is secure. Specifically, by October 2014, agencies should be using automated software to monitor 95 percent of the devices operating on their networks to know whether they are secure.
Those scores show agencies are struggling to continuously monitor their networks for rogue devices and vulnerabilities on legitimate devices. Eighteen agencies reached the minimum target for monitoring 80 percent of the devices and other hardware connected to their networks, and 12 agencies reached 95 percent, the report said. But one-third of agencies reported decreases in their ability to automate security checks of those devices, once they are detected.
Leave a Reply