[ISN] 6 Biggest Blunders in Government’s Annual Cyber Report Card

http://www.nextgov.com/cybersecurity/2015/03/6-biggest-blunders-governments-annual-cyber-report-card/106512/ By Aliya Sternstein Nextgov.com March 2, 2015 The White House has released its yearly assessment of agency compliance with the governmentwide cyber law known as the Federal Information Security Management Act. And given the spate of breaches and hacks that hit both government and the private sector, the results may not be all that surprising. Sensitive agency data is often not encrypted. Many departments do not use two-step verification for accessing government networks, despite post-Sept. 11 requirements that employees carry login smart cards. And cyber training is deficient in one of the most unlikely areas… 2014’s Biggest Federal Computer Security Blunders 1. Federal agencies reported 15 percent more information security incidents in fiscal 2014 compared to fiscal 2013, rising from 60,753 to nearly 70,000 events. These incidents included phishing attempts, malware infections and denial-of-service attacks, as well as leaks of paper records and sensitive emails sent without encryption. […]