Audit Finds Weaknesses in EPA’s Cybersecurity

EPA Offices, Washington DC

Despite making strides to improve its information security program, the Environmental Protection Agency still struggles with processes around its internal control and contractor performance monitoring, a watchdog concluded

A July 15 report outlining EPA’s top challenges for fiscal year 2019 said the agency still continues to grapple with implementing a robust cybersecurity program that fortifies its network defenses and data security. 

“Despite progress, recent audits continue to highlight the need to fully implement information security throughout the EPA, which requires continued senior-level emphasis,” the Office of Inspector General noted. 

To better counter cyber threats and bolster its overall information security, EPA was given seven actions to take. Among them: adopt a strategy to protect the confidentiality of personally identifiable information in the incident tracking system and implement technologies to support the incident response program.

Safeguarding networks and data has been among EPA’s management challenge since 2001, the OIG said. 


Content Goes Here