NASA and the U.S. Department of State were a few of several federal agencies that were graded with low marks on IT security. This is according to a recent report card given by Security Scorecard, a NY based research firm. The states of Connecticut, Pennsylvania and Washington were also on the list of low scoring participants.
The 2016 U.S. Government Cybersecurity Report was put out earlier this month. The report analyzes the cybersecurity risks and possible points of entry for hackers. The report is conducted with some 600 local, state and federal government agencies and when you talk about the tech sector security means big money (lost or gained). The USG Cybersecurity Report identified that government organizations perform poorly in information security. This is in comparison to private-sector enterprises in industries like transportation, retail, healthcare and other industries.
But here’s where it gets interesting. The Security Scorecard put a special focus on NASA, the FBI and the IRS, all of which have been part of some of the most significant data breaches in 2016. Across the board, government agencies lacked most with malware infections, network security and the timing of regular software patches, the report found. This could be a major focus for investors looking for timely investments for some of the companies on the technology stocks 2016 list
Founded in 2013, Security Scorecard was started by Aleksandr Yampolskiy and Sam Kassoumeh, both information security veterans of the Gilt Groupe members-only sale-of-the-day site. That company was acquired earlier this year for $250 million by the Hudson’s Bay Company, a Canadian retail business group.
A Security Scorecard spokesperson was quoted in a recent interview that the company has built sinkhole infrastructures that reverse engineers malware and capture related data.
“[Our] honeypots are intentionally insecure systems created to monitor various types of attacks. This gives [us] an outside-in perspective that non-intrusively uncovers millions of vulnerability data points across the entire Internet,” the spokesperson said.
“With serious data breaches making headlines on what seems like a weekly basis, our team felt compelled to turn a spotlight on government agencies and determine which of them are demonstrating a commitment to securing their infrastructure and which are falling short,” senior data scientist Luis Vargas said in a statement. “The data we uncovered clearly indicates that while some are improving their security postures, too many are leaving themselves dangerously exposed to risks and vulnerabilities, especially at the larger federal level.”