Senate report finds major cyber shortcomings in federal agencies

A bipartisan report released by the Senate Homeland Security and Governmental Affairs Committee on Tuesday found “stark” shortcomings in the cybersecurity posture of many major federal agencies in the midst of escalating cyberattacks against both the U.S. government and private sector.

The report, compiled by the leaders of the panel, found that seven federal agencies “have not met the basic cybersecurity standards necessary to protect America’s sensitive data.” According to data from each agency’s inspector general, the average grade for information security maturity among large federal agencies was a C-.

The new report was released two years after the committee’s subpanel on investigations, at the time headed by current full committee ranking member Sen. Rob Portman (R-Ohio), found that eight federal agencies had failed to update system vulnerabilities and left the personal information of Americans open to theft by hackers.

The report released Tuesday built on the 2019 findings and concluded that out of the eight agencies studied, only the Department of Homeland Security had implemented an “effective security program for 2020,” while the other seven “still fail at effectively securing data.”