News

Audit: State agency lacks basic cybersecurity safeguards

Published July 3, 2019 12:07 pm

The Oregon Department of Administrative Services lacks basic cybersecurity safeguards, according to an audit report released Wednesday by Secretary of State Bev Clarno.

“The security of Oregon’s data is a serious issue,” Clarno said. “DAS should take immediate action to address the findings outlined in this report.”

Auditors concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure and lacks basic foundational cybersecurity safeguards.

This is due in large part to a fragmented organizational and governance structure, as well as numerous legacy applications within various business units.

Additionally, they said, the DAS CIO (chief information officer) role lacks appropriate functional authority and staffing to carry out its official responsibilities and ensure consistent controls across these units. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification.

Read the full audit on the Secretary of State website.

Article Topic Follows: News

Jump to comments ↓

Audit: State agency lacks basic cybersecurity safeguards

KTVZ News Team

Barney Lerten

‘It really takes a toll on you’: Houseless along China Hat Road trying to prepare for another cold, snowy winter

Special Report, Parts 1, 2: Consumer alert in Crook County; Prineville car dealership under fire, accused of scams

DAWNS House founder Dawn Holland pleads not guilty to 8 counts of aggravated theft; March trial date set

KTVZ News Team

Related Articles