Overall, 57% of respondents have adopted some form of security framework - like those recommended by the Center for Internet Security or the National Institute of Standards and Technology - although only 39% of cities and towns had adopted such standards.Ĭities were also less likely to say they conduct regular vulnerability scans of their systems, with only 41% having completed such scans. The report notes that only 37% of surveys were returned, so the results are not comprehensive, but rates of compliance with industry security standards were low. "The implementation of cybersecurity-related controls varies across the state overall, many entities still have room for improvement." "We believe government entities should be taking proactive steps to identify weaknesses and gaps in their security and use a cybersecurity framework as a guiding document to address those issues," the report says. The results were presented to the Legislative Audit Subcommittee Tuesday afternoon. To understand the status of cybersecurity across the state, the Office of the Legislative Auditor General sent surveys to 620 entities in counties, cities, higher education, applied technical colleges, school districts and local districts. Various entities throughout the state were found to be at risk of cybersecurity attacks and need to strengthen their security framework." What the audit found "Entities should be taking proactive steps to identify weaknesses and gaps in their security and use a cybersecurity framework as a guiding policy to address cybersecurity vulnerabilities. "Cyberattacks have cost the state of Utah millions of dollars, and will continue to cost the state if cybersecurity measures are not taken," the report states. The findings show that several entities lack a framework for cybersecurity and do not require annual cybersecurity awareness training for their employees. ![]() ![]() The report, commissioned by the Utah Legislature, examined cybersecurity practices across the three branches of government in the state in addition to interlocal agencies. ![]() Utah's judicial branch lacks a strategic plan to protect cybersecurity, and the legislative information technology office is not in compliance with cybersecurity standards, a recent legislative audit found.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |