department of homeland security Archives - Data Privacy and Security™

December 11, 2018 Cyber Risk / Cybersecurity

Congress Concludes Additional Federal Oversight Needed after Equifax Data Breach

“Equifax…failed to implement an adequate security program to protect this sensitive data…Such a breach was entirely preventable.” So concludes the December 2018 report on “The Equifax Data Breach” by the U.S. House of Representatives Committee on Oversight and Government Reform. The cause, according to the report, was Equifax’s “acquisition strategy [to benefit] bottom line and stock price,” which “growth brought increasing complexity to Equifax’s IT systems, and expanded data security risks.” Risks, it seems, Equifax did not manage. In 2017, the Department of Homeland Security… Continue Reading

October 28, 2015 Cybersecurity / Legislation

Controversial Cybersecurity Information Sharing Act Passes Senate, Will Likely Become Law

On October 27, 2015, the United States Senate passed S.754, the Cybersecurity Information Sharing Act (CISA or the Act) 74-21. Without requiring such information sharing, CISA would create a system for federal agencies to receive threat information from private companies in real time. However, the bill is not without controversy. As we discussed in August the Department of Homeland Security raised concerns in July and August that the “real time collaboration” requirement in CISA would not permit them to scrub personal information… Continue Reading

June 17, 2015 Cyber Attacks / Cyber Breach / Cybersecurity

Federal Cybersecurity Problems “Decades in the Making”

Yesterday, the House Oversight Committee received testimony from federal officials regarding the April 2015 cyberattack on the Office of Personnel Management (OPM), which compromised the personal information of approximately 4 million government employees and retirees, including social security numbers. The executive branch delayed reporting the incident until June 4, much to the dismay of the House Committee. OPM head Catherine Archuleta was under fire for what Committee Chairman Jason Chaffetz, R-Utah, called the “most devastating” cyberattack in United States’ history. Ms. Archuleta attempted to avoid… Continue Reading

January 27, 2015 Cyber Attacks / Cyber Breach / Cybersecurity

Department of Homeland Security Must Assess Cyber Risks to Building Access and Control Systems

The U.S. Government Accounting Office (GAO) issued a report this month calling on the Department of Homeland Security (DHS) and General Services Administration (GSA) to develop and implement a strategy to address cyber risks to building and access control systems, including the computers that monitor and control building operations such as elevators, electrical power, and heating, ventilation, and air conditioning. As these systems are increasingly connected to other information systems and the Internet, there is greater vulnerability to cyber attacks, which, the report explains, “could… Continue Reading