ARRA News Service
News Blog for social, fiscal & national security conservatives who believe in God, family & the USA. Upholding the rights granted by God & guaranteed by the U.S. Constitution, traditional family values, "republican" principles / ideals, transparent & limited "smaller" government, free markets, lower taxes, due process of law, liberty & individual freedom. Content approval rests with the ARRA News Service Editor. Opinions are those of the authors. While varied positions are reported, beliefs & principles remain fixed. No revenue is generated for or by this "Blog" - no paid ads - no payments for articles. Fair Use Doctrine is posted & used.
Blogger/Editor/Founder: Bill Smith, Ph.D. [aka: OzarkGuru & 2010 AFP National Blogger of the Year]
Contact: editor@arranewsservice.com (Pub. Since July, 2006)
    Home Page
   

One of the penalties for refusing to participate in politics is that you end up being governed by your inferiors. -- Plato (429-347 BC)

Tuesday, August 11, 2015

ICYMI: HHS Information Security Deficiencies

House Energy and Commerce Committee Chairman Fred Upton (R-MI) and Oversight and Investigations Subcommittee Chairman Tim Murphy (R-PA) last week released the findings of a yearlong investigation into the information security practices at the Department of Health and Human Services. The investigation found numerous deficiencies with HHS’ information security protocols that stem from a poorly-structured information security regime.

The report recommends solutions to better secure sensitive systems and information at HHS and its operating divisions, including making the Chief Information Security Officer the “primary authority for information security” and moving all information security functions (including the CISO) to the general or chief counsel’s office. To read the report, click here.

More on the report from the Washington Times, The Hill, and Federal News Radio, below.

WashingtonTimes, August 7, 2015 - HHS hacked five times in three years, House committee says… In a report published Thursday, the House of Representatives Committee on Energy and Commerce announced that an investigation into a security breach suffered by the Food and Drug Administration in 2013 revealed that several subsets within HHS had been compromised by hackers.

“What we found is alarming and unacceptable,” committee Chairman Fred Upton, Michigan Republican, and Oversight and Investigations Subcommittee Chairman Tim Murphy, Pennsylvania Republican, said in a joint statement. “At a time when sensitive information is held by so many in the public and private sectors, Americans should not have to worry that the U.S. government is left so vulnerable to attack.”

The 27-page review of HHS information security found that five operating divisions had been breached using unsophisticated means within the past three years, including the FDA.

“Of concern to the committee,” the report reads, “officials at the affected agencies often struggled to provide accurate, clear and sufficient information on the security incidents” during the course of their investigation. …

According to the committee, officials at two breached agencies were unable to provide accurate details about security incidents within their own networks.

“These incidents raise questions about whether information security officials have the appropriate level of expertise,” the report reads.

“While it is impossible to fully protect against cyber attacks, we have a responsibility to approach these issues with necessary foresight and diligence to minimize vulnerabilities and maximize security,” Upton and Murphy said. …
Read the full article online HERE.

The Hill, August 7, 2015 - HHS hacked five times in three yearsHackers have breached at least five divisions of the Department of Health & Human Services (HHS) over the last three years.

That's according to the House Energy & Commerce Committee, which on Thursday released its findings from a yearlong look into the security of HHS networks ….

The committee launched the security review after the Food and Drug Administration (FDA), a department within HHS, suffered a breach in late 2013 that exposed account details on more than 14,000 people. …

“Of concern to the committee, officials at the affected agencies often struggled to provide accurate, clear and sufficient information on the security incidents during the committee’s investigation,” the report said.

In some cases, the confusion may have resulted from information security workers not being given the right authorities. …

In other cases, offices were poorly organized or simply made mistakes. …
Read the full article online HERE.

Federal News Radio, Aug 7, 2015 - House panel: HHS’ lawyers could secure IT networks better than its CIOsChief information officers are so concerned with operating IT networks that they skimp on cybersecurity, according to a congressional investigation of multiple data breaches at the Health and Human Services Department.

The report, by Republicans on the House Committee on Energy and Commerce, concludes that agency lawyers, who are trained to minimize risks, would do a better job of safeguarding IT networks. ...

“What we found is alarming and unacceptable. At a time when sensitive information is held by so many in the public and private sectors, Americans should not have to worry that the U.S. government is left so vulnerable to attack. With the recent Office of Personnel Management attack serving as another example of how wrong things can go, this report pulls back the curtain and sheds light on serious deficiencies in HHS’s information security practices,” said Committee Chairman Fred Upton (R-Mich.) and Rep. Tim Murphy (R-Pa.) in a joint statement.

By law, chief information security officers (CISO) now are part of CIO offices. But the two roles have different priorities. CIOs want network operations to run smoothly. Security concerns — the purview of CISOs — may delay or slow down those operations.

When there is a conflict between the two, “operational needs are prioritized and security concerns downplayed, delayed or ignored,” the report said. …

The committee recommended that HHS strip its CIOs of all security-related responsibilities. CISOs would move from the CIO offices to those of the general counsel. ...

“We look forward to working with HHS, FDA, NIH, and others to develop solutions to better protect this information. Unfortunately, the bar has been set low and we have nowhere to go but up,” Upton and Murphy said in their written statement.
Read the full article online HERE.

Tags: Health and Human Services, HHS, Information Security, deficiencies, news sources, House Energy and Commerce Committee To share or post to your site, click on "Post Link". Please mention / link to the ARRA News Service. and "Like" Facebook Page - Thanks!
Posted by Bill Smith at 7:16 PM - Post Link

0 Comments:

Post a Comment

<< Home


View U.S. National Debt

Don't miss anything!
Subscribe to the
ARRA News Service
It's FREE & No Ads!

You will receive a verification email
& must validate you subscribed!

You Then Receive One Email Each AM
With Prior Days Articles / Toons / More


Also, Join & leave conservative posts & comments on
Facebook.com/ARRANewsService


Recent Posts:
Personal Tweets by the editor:
Dr. Bill - OzarkGuru - @arra
#Christian Conservative; Retired USAF & Grad Professor. Constitution NRA ProLife schoolchoice fairtax - Editor ARRA NEWS SERVICE. THANKS FOR FOLLOWING!

Action Links!
State Upper & Lower House Members
State Attorney Generals
State Governors
The White House
US House of Representatives
US Senators
GrassFire
NumbersUSA
Ballotpedia

Facebook Accts - Dr. Bill Smith
Pages:
ARRA News Service
Arkansans Against Big Government
Alley-White Am. Legion #52
Catholics & Protestants United Against Discrimination
End Taxpayer Funding of NPR
Overturn Roe V. Wade
Prolife Soldiers
Project Wildfire 4 Life
Republican Liberty Caucus of Arkansas
The Gold Standard
US Atty Gen Loretta Lynch, aka Eric Holder, Must Go
Veterans for Sarah Palin
Why Vote for Hillary (Satire)
FB Groups:
Arkansas For Sarah Palin
Arkansas Conservative Caucus
Arkansas County Tea Party
Arkansans' Discussion Group on National Issues
Blogs for Borders
Conservative Solutions
Conservative Voices
Defend Marriage -- Arkansas
FairTax
FairTax Nation
Arkansas for FairTax
Friends of the TEA Party in Arkansas
Freedom Roundtable
Pro-Life Rocks - Arkansas
Republican Network
Republican Liberty Caucus of AR
Reject the U.N.

Patriots
Exchange
Links

Request Via
Article Comment

Links to ARRA News
A Patriotic Nurse
Agora Associates
a12iggymom's Blog
America, You Asked For It!
America's Best Choice
ARRA News Twitter
As The Crackerhead Crumbles
Blogs For Borders
Blogs for Palin
Blow the Trumpet Ministry
Boot Berryism
Cap'n Bob & the Damsel
Chicago Ray Report - Obama Regime Report
Chuck Baldwin - links
Common Cents
Conservative Voices
Diana's Corner
Greater Fitchburg For Life
Lasting Liberty Blog
Liberal Isn't Amy
Marathon Pundit
Patriot's Corner
Right on Issues that Matter
Right Reason
Rocking on the Right Side
Saber Point
Saline Watchdog
Sultan Knish
The Blue Eye View
The Born Again Americans
TEA Party Cartoons
The Foxhole | Unapologetic Patriot
The Liberty Republican
The O Word
The Path to Tyranny Blog
The Real Polichick
The War on Guns
TOTUS
Twitter @ARRA
Underground Notes
Warning Signs
Women's Prayer & Action
WyBlog

Editor's Managed Twitter Accounts
Twitter Dr. Bill Smith @arra
Twitter Arkansas @GOPNetwork
Twitter @BootBerryism
Twitter @SovereignAllies
Twitter @FairTaxNation

Editor's Recommended Orgs
Accuracy in Media (AIM)
American Action Forum (AAF)
American Committment
American Culture & Faith Institute
American Enterprise Institute
American Family Business Institute
Americans for Limited Government
Americans for Prosperity
Americans for Tax Reform
American Security Council Fdn
AR Faith & Ethics Council
Arkansas Policy Foundation
Ayn Rand Institute
Bill of Rights Institute
Campaign for Working Families
CATO Institute
Center for Individual Freedom
Center for Immigration Studies
Center for Just Society
Center for Freedom & Prosperity
Citizens Against Gov't Waste
Citizens in Charge Foundstion
Coalition for the Future American Worker
Competitive Enterprise Institute
Concerned Veterans for America
Concerned Women for America
Declaration of Am. Renewal
Eagle Forum
FairTax
Family Research Council
Family Security Matters
Franklin Center for Gov't & Public Integrity
Freedom Works
Gingrich Productions
Global Incident Map
Great Americans
Gold Standard 2012 Project
Gun Owners of America (GOA)
Heritage Action for America
David Horowitz Freedom Center
Institute For Justice
Institute for Truth in Accounting
Intercollegiate Studies Institute
Judicial Watch
Less Government
Media Reseach Center
National Center for Policy Analysis
National Right To Work Foundation
National Rifle Association (NRA)
National Rifle Association (NRA-ILA)
News Busters
O'Bluejacket's Patriotic Flicks
OathKeepers
Open Secrets
Presidential Prayer Team
Religious Freedom Coalition
Renew America
Ron Paul Institute
State Policy Network
Tax Foundation
Tax Policy Center
The Club for Growth
The Federalist
The Gold Standard Now
The Heritage Foundation
The Leadership Institute
Truth in Accounting
Union Facts



Blogs For Borders

Reject the United Nations

Presidential Prayer Team

Thousands of Deadly Islamic Terror Attacks Since 9/11


FairTax Nation on FaceBook
Friends of Israel - Stand with Israel
Blog Feeds
Syndicated - Get the ARRA News Service feed Syndicated!
ARRA Blog Feed

Add to Google Reader or Homepage

Add to The Free Dictionary

Powered by Blogger


  • To Exchange Links - Email: editor@arranewsservice.com!
  • Comments by contributing authors or other sources do not necessarily reflect the position the editor, other contributing authors, sources, readers, or commenters. No contributors, or editors are paid for articles, images, cartoons, etc. While having reported on and promoting principles & beleifs beliefs of other organizations, this blog/site is soley controlled and supported by the editor. This site/blog does not advertise for money or services nor does it solicit funding for its support.
  • Fair Use: This site/blog may contain copyrighted material the use of which has not been specifically authorized by the copyright owner. Such material is made available to advance understanding of political, human rights, economic, democracy, and social justice issues, etc. This constitutes a 'fair use' of such copyrighted material as provided for in section Title 17 U.S.C. Section 107 of the US Copyright Law. Per said section, the material on this site/blog is distributed without profit to readers to view for the expressed purpose of viewing the included information for research, educational, or satirical purposes. Any person/entity seeking to use copyrighted material shared on this site/blog for purposes that go beyond "fair use," must obtain permission from the copyright owner.
  • © 2006 - 2020 ARRA News Service
Creative Commons License
Creative Commons Attribution Noncommercial Share Alike 3.0 Unported License.