I’ve spoken on this topic before but I feel it is worth revisiting. The Inspector General noted that the US Department of Homeland Security – the government division ostensibly responsible for ensuring cybersecurity throughout the nation – itself suffers from serious cyber-vulnerabilities.
So, what has been done since this announcement in December of 2013? Not much. It is continuously frustrating to see business after business reamed for being the victim of cyberattacks breaching customer information when the DHS’s own website sits like a sitting duck. Why isn’t their website held to the same standard, if not a higher one, than private entities? Frustrating, right?!
What exactly is wrong with the DHS? Well, it has leaks so to speak. Windows XP – an operating system that was released over twelve years ago and for which Microsoft plans to stop issuing security patches in the near future – continues to run on computers at DHS headquarters. There is nothing really being done to configure a change in this operating system because 1) the workload is heavy and 2) the workload is heavy.
My point is change requires getting our hands dirty. An ounce of prevention outweighs the unthinkable results that could happen if these patches are not fixed.
Twyla N. Garrett