Official website of the Department of Homeland Security

Cybersecurity

  • (U) S&T Has Taken Steps to Address Insider Threats, But Management Challenges Remain

    Executive Summary

    We conducted our review of the Science and Technology’s (S&T) insider threat program between January 2017 and June 2017.  S&T is the primary research arm of the Department of Homeland Security (DHS).  Its mission is to strengthen the Nation’s security and resiliency by providing knowledge products and innovative solutions to support DHS mission operations.  Specifically, Congress created S&T in 2003 to conduct basic and applied research, development, demonstration, testing, and evaluation activities relevant to any or all elements of the Department.  S&T oversees laboratories where scientists perform mission-critical research on chemical and biological threats, radiological and nuclear detection, animal diseases, transportation security, and explosives trace identification.  S&T employees, contractors, and business partners—especially those with special or elevated privileges—can potentially use their inside knowledge and access to exploit vulnerabilities and cause harm to mission-critical systems and operations.  We made nine recommendations that, if implemented, should strengthen S&T’s management of insider threat risks.  The Department concurred with all of the recommendations.

    Report Number
    OIG-18-89-UNSUM
    Fiscal Year
    2018
  • CBP Has Not Ensured Safeguards for Data Collected Using Unmanned Aircraft Systems

    Executive Summary

    In December 2014, OIG previously reported on the effectiveness and cost of the UAS program. Our report disclosed CBP had not developed performance measures needed to accurately assess program effectiveness and make informed decisions. CBP also did not recognize all UAS operating costs and, as such, the Congress and public may be unaware of the amount of resources invested in the program. This audit determined that CBP has not ensured effective safeguards for surveillance information, such as images and video, collected on and transmitted from its UAS. Without a privacy assessment, CBP could not determine whether ISR Systems contained data requiring safeguards per privacy laws, regulations, and DHS policy. CBP’s failure to implement adequate security controls according to Federal and DHS policy could result in potential loss of confidentiality, integrity, and availability of ISR Systems and its operations.

    Report Number
    OIG-18-79
    Fiscal Year
    2018
  • Fiscal Year 2017 Evaluation of DHS' Compliance with Federal Information Security Modernization Act Requirements for Intelligence Systems

    Executive Summary

    Pursuant to the Federal Information Security Modernization Act of 2014, we reviewed the Department’s security program, including its policies, procedures, and system security controls for the enterprise-wide intelligence system. Since our FY 2016 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of the department-wide intelligence system and has implemented programs to monitor ongoing security practices. In addition, the United States Coast Guard is in the process of migrating its intelligence users to a system that is jointly managed by the Defense Intelligence Agency and the National Geospatial Agency.

    Report Number
    OIG-18-59
    Fiscal Year
    2018
  • Evaluation of DHS' Information Security Program for Fiscal Year 2017

    Executive Summary

    We reviewed DHS’ information security program in accordance with the Federal Information Security Modernization Act of 2014 (FISMA). Our objective was to determine whether DHS’ information security program and practices were adequate and effective in protecting the information and information systems that supported DHS’ operations and assets in fiscal year 2017.

    Report Number
    OIG-18-56
    Fiscal Year
    2018
  • Review of CBP Information Technology System Outage of January 2, 2017

    Executive Summary

    CBP took sufficient steps to resolve the January 2, 2017 outage on the same day it occurred. CBP’s initial actions to resolve this outage were unsuccessful for several hours. Ultimately, the CBP Assistant Commissioner of the Office of Information and Technology (OIT) decided to revert system queries from the TECS Modernization server environment to the TECS Legacy mainframe environment. As a result of this action, airports began to report that they could process passengers again. After 4 hours, airports began reporting that they were back online. The transition back to the legacy environment worked to resolve the January 2, 2017 system outage. Nevertheless, underlying causes that might result in future outages were not addressed and persist today in the CBP environment. We identified inadequate CBP software capacity testing, leaving the potential for the recurrence of processing errors; deficient software maintenance, resulting in high vulnerabilities that remain open; ineffective system status monitoring to ensure timely alerts in case of mission-business disruptions; and inadequate business continuity and disaster recovery processes and capabilities to minimize the impact of system failures on the traveling public. Until such deficiencies are addressed, CBP lacks a means to minimize the possibility and impact of similar system outages in the future.

    Report Number
    OIG-18-19
    Fiscal Year
    2018
  • DHS Can Improve Cyber Threat Information Sharing

    For More Information, Contact

    Public Affairs (202) 254-4100

    For Immediate Release

    In a newly released report, the Department of Homeland Security (DHS) Office of Inspector General (OIG) found that while DHS has established a process for sharing cyber threat information between the Federal government and the private sector, improvements are still needed. 

    DHS has developed the capability to share cyber threat information and defensive measures among Federal, state, local, tribal, and territorial governments; the private sector; information sharing analysis centers and organizations; and foreign government companies. DHS has also properly classified cyber threat indicators and defensive measures and accounted for the security clearances of private sector recipients who receive such information. 

    Despite this progress, DHS still faces challenges to effectively share cyber threat information across Federal and private sector entities. DHS’ system is focused on volume, velocity, and timeliness of information but does not provide the quality, contextual data needed to effectively defend against ever-evolving threats. Because the system is automated with pre-determined data fields, it may not always provide adequate information regarding specific incidents, tactics, techniques, and procedures that unauthorized users used to exploit software vulnerabilities. Given these limitations, Federal and private sector partners sometimes rely on other systems or participate in other DHS information sharing programs to obtain quality cyber threat data. Moreover, the unclassified and classified databases and repositories are not integrated, restricting analysts’ ability to compile complete situational awareness of potential threats. Finally, DHS should also enhance its outreach to increase participation and improve information sharing.

    We made five recommendations for the National Protection Programs Directorate to improve its information sharing capability. “DHS needs to ensure that cyber threat information sharing between federal and private partners is effective,” said Inspector General John Roth. “The improvements we are recommending today should increase participation and enhance DHS’ ability to analyze, coordinate, and share cyber threat information.”

  • Biennial Report on DHS’ Implementation of the Cybersecurity Act of 2015

    Executive Summary

    The Department faces challenges to effectively sharing cyber threat information across Federal and private sector entities. Without acquiring a cross-domain information processing solution and automated tools, DHS cannot analyze and share threat information in a timely manner. Further, without enhanced outreach, DHS cannot increase participation and improve coordination of information sharing across Federal and private organizations.
     

    Report Number
    OIG-18-10
    Fiscal Year
    2018
  • Review of DHS' Information Security Program for Intelligence Systems for Fiscal Year 2017 (U)

    Executive Summary

    We evaluated the Department of Homeland Security’s (DHS) enterprise-wide security program for Top Secret/Sensitive Compartmented Information intelligence systems. Pursuant to the Federal Information Security Modernization Act of 2014, we reviewed the Department’s security program, including its policies, procedures, and system security controls for the enterprise-wide intelligence system. This report was issued to the Office of the Inspector General of the Intelligence Community (IC IG).

    Report Number
    OIG-17-109
    Fiscal Year
    2017
  • (U) Annual Evaluation of DHS' INFOSEC Program (Intel Systems - DHS Intelligence and Analysis) for FY 2016

    Executive Summary

    Since our fiscal year 2015 evaluation, the Office of Intelligence and Analysis (I&A) has continued to provide effective oversight of DHS’ department-wide intelligence system and implemented programs for ongoing monitoring of its security practices. In addition, I&A has relocated its intelligence system to a DHS data center to improve network resiliency and support. The United States Coast Guard (USCG) has migrated its sites that process Top Secret/Sensitive Compartmented Information to a Defense Intelligence Agency owned system. However, USCG must continue to work with the Defense Intelligence Agency to clearly define the oversight responsibilities for this external system that supports its intelligence operations. We identified deficiencies in DHS’ information security program and are making two recommendations to I&A and three recommendations to USCG. I&A concurred with its two recommendations, while USCG non-concurred with its three recommendations. We conducted this review between May and September 2016.

    Report Number
    OIG-17-58-UNSUM
    Fiscal Year
    2017
  • USSS Faces Challenges Protecting Sensitive Case Management Systems and Data

    Executive Summary

    We determined that the U.S. Secret Service (USSS) did not have adequate protections in place on systems to which Master Central Index (MCI) information was migrated.  These problems occurred because USSS has not consistently made IT management a priority.  The USSS Chief Information Officer (CIO) lacked authority for all IT resources and was not effectively positioned to provide necessary oversight, inadequate attention was given to updating USSS IT policies, and high turnover and vacancies within the Office of the CIO meant a lack of leadership to ensure IT systems were properly managed.  In addition, USSS personnel were not adequately trained to successfully perform their duties. We made 10 recommendations to USSS and 1 recommendation to the DHS Privacy Office to reduce the risk of future unauthorized access and disclosure of sensitive information. The USSS and the DHS Privacy Officer concurred with these recommendations.

    Report Number
    OIG-17-01
    Fiscal Year
    2017