Despite Triage, US Federal Cybersecurity Still Lags Behind

An anonymous reader writes: According to the NY Times, U.S. government officials will soon announce all the improvements their IT security teams have made to federal systems in response to the OPM breach. Unfortunately, says the Times, these updates only just scratch the surface, and are more to show that the government is "doing something" than to fix the long-standing problems with how it handles security. "After neglect that has been documented in dozens of audits for nearly two decades, the federal government is still far behind its adversaries. And it is still struggling to procure the latest technological defenses or attract the kind of digital security expertise necessary to secure its networks."

It seems each agency has to be hit by a cyberattack, causing it to go into panic-mode independently, before learning to properly safeguard its systems. Officials say far too much money is wasted on figuring out who and what to blame, rather than on ameliorating the problem. "At the Internal Revenue Service, auditors identified 69 vulnerabilities in the agency's networks last year, but when officials there told Government Accountability Office auditors this year that they had fixed 24 of those problems, investigators found only 14 had been resolved."

The root of the problem ..

[nickweller]

"Department of Homeland Security (DHS)/Chief Information Officer (CIO) has determined that Microsoft will be the Department-wide standard desktop operating system, e-mail system, and office automation tool." ref
--

'thousands of low-level employees and contractors with access to the nation’s most sensitive secrets have been cut off.'

What do you expect?

[humptheElephant]

After years of congress attacking federal workers, federal workers can't have the best moral. If you want good results from your government, you should treat them better. Right now congress makes it a self-fulfilling prophecy that government is bad so lets drown it in the bathtub. What competent person would go to work for the government under the conditions that congress has imposed on them in the last few years? Also every time a new administration is voted in, the new guys put their guys in at the top of the agencies, usually based on how these guys helped win the election rather than their qualifications for the job. What could possibly go wrong?

Re:No surprise at the lag

[drinkypoo]

These problems were created over a period of years, exacerbated by poor and uneven budgeting, congressional pork and mandates, and red tape.

Not really. These problems are caused specifically by corruption. Each department wants to hide its malfeasance from each other department, so they don't pool resources, so they reinvent the wheel repeatedly. Therefore, each organization has the chance to make the same mistakes over and over again. If our government was not corrupt from root to leaf, then we could have one office of information technology which handled all of these systems for all of these departments, and which is in a position to recognize security issues and address them across the entire organization.

Most people don't appreciate the extent to which corruption makes an organization less efficient. Literally every efficiency problem in our government can be traced to corruption.