Pandemic relief programs introduced new cyber risks for SBA

0
675
Flanked by Vice President Kamala Harris, left, and Administrator of the Small Business Administration (SBA) Isabella Casillas Guzman, right, President Joe Biden signs the Paycheck Protection Program (PPP) extension in the Oval Office on March 30, 2021, in Washington. A cybersecurity audit of the Small Business Administration found that pandemic relief programs introduced new vulnerabilities in the agency’s IT environment. (Photo by Doug Mills/Pool via Getty Images)

The Small Business Administration’s information security program is “not effective” according to its inspector general.

In a security audit this week, auditors concluded that almost every major domain of the agency’s cybersecurity operations could be considered below the necessary standards to effectively protect data and defend against malicious hacking threats. The report looked at nine such aspects of the agency’s cybersecurity operations: risk management, supply chain risk management, configuration management, identity and access management, security training, data protection and privacy, continuous monitoring, incident response and contingency planning.

Additionally, an influx of new data and software…

Read More…