While the US government seems keen to blame Chinese telcos and Russian security experts for its IT woes, the more likely culprit is the country's obsession with having government departments hire private contractors.

A new report shows that while US federal agencies are improving their security performance, the contractors they employ are failing to meet the same standards.

BitSight sampled over 1,200 federal contractors and found that the security rating for federal agencies was 15 or more points higher than the mean of any contractor sector.

More than eight percent of healthcare and wellness contractors have disclosed a data breach since January 2016. Aerospace and defence firms have the next highest breach disclosure rate at 5.6 percent.

While the government has been doing well fighting botnets in recent months, botnet infections are still prevalent among the government contractor base, particularly among healthcare and manufacturing contractors.

The study also shows many contractors are not following best practices for network encryption and email security. Nearly 50 percent of contractors have a BitSight grade below C for the Protective Technology subcategory of the NIST Cybersecurity Framework.

One in five users at technology and aerospace/defence contractors has an outdated internet browser, making these employees and their organisations highly susceptible to new variants of malware.

BitSight VP of strategic partnership Jacob Olcott said that tens of thousands of government contractors hold sensitive data or perform services on behalf of federal agencies.

"The US government must be focused on evaluating, monitoring and improving the cyber hygiene of these contractors. Recent contractor regulations, like the new DOD requirements, are a start, but are too focused on check-the-box compliance. Cyber is a dynamic risk. By leveraging objective data and continuously monitoring the supply chain, the federal government will better comprehend the danger within its own ecosystem and begin to meaningfully mitigate this risk."