A new White House report says three quarters of Federal agencies are not managing their cybersecurity risk correctly and are consequently at “risk or high risk” of data theft or network intrusion due to poor cybersecurity programs.
The recently-released Federal Cybersecurity Risk Determination Report and Action Plan found that 71 of the 96 Federal agencies assessed are “not equipped to determine how threat actors seek to gain access to their information,” and these agencies are missing either “fundamental cybersecurity policies” or have “significant gaps” in their programs. Just 26 percent of agencies were deemed to be managing risk appropriately.
While it takes the majority of Federal agencies to task for failing to reduce cybersecurity risks, the report does not name any of the agencies it assessed.
President Trump commissioned the report in May 2017 upon the release of his Cyber Executive Order, which required all Federal agencies to submit risk…
