National: Federal Election Commission Faces Serious Security Failings, with Few Plans to Remedy | Infosecurity
Just weeks after the US Department of Energy was shown to have disregarded proper cybersecurity measures, the Federal Election Commission (FEC) is facing what an independent auditor calls “significant deficiencies” when it comes to its cybersecurity posture. The FEC in fact remained at “high risk for future network intrusions”. However, the electoral watchdog said that it has little interest in implementing even minimum IT security controls. The audit firm, Leon Snead & Co., said in the audit that the FEC’s IT security program does not meet government-wide best practice minimum requirements in many areas. That includes carrying out due diligence information as part of an organization-wide risk management program, using the risk management tools and techniques to implement and maintain modern safeguards and countermeasures, and ensuring the necessary resilience to support ongoing federal responsibilities, critical infrastructure applications and continuity of government in the event of an attack.