Following President Barack Obama’s calls for improvements to identity and access management systems in the USA, and throughout the world, it is revealed that 74% of federal agencies do not currently employ such technologies. This, combined with the growing reports of cybersecurity incidents, is worrying the White House and governments all around the world.
Demonstrating the need for increased cybersecurity measures, as reported last month, the US government has revealed that the number of cyber-attacks grew by 10% in 2015. Despite the increased efforts and investment to stop cyber terrorism, the number of reported incidents grew from 69,851 to 77,183 in a 12-month period.
This increase in cyber-criminal activity has not deterred the US government’s attempts at quashing the threat – with a report by the Office of Management and Budget hailing the unprecedented improvements in recent cyber security.
Included in these reported incidents was a mass hack on US government agencies and their staff – with online details and data stolen from 21.5 million individuals. This staggering number may have contributed towards the strong action called for by President Obama.
The report does however concede the need for continuing improvements to cybersecurity, echoing the thoughts of US President Barack Obama. The report, which can be read here, alarmingly revealed that 74% of federal agencies still do not employ sufficient identity and access management systems.
This figure comes in stark contrast to the president’s desire to implement IAM technologies and strategies throughout the web-based systems of all federal agencies. With almost ¾ of agencies struggling to showcase an effective IAM process, their systems may struggle to correctly and robustly identify users attempting to gain access.
At the very least, this lack of a robust IAM system could make the process of authorised users*accessing* necessary data and files incredibly inefficient. And the most extreme results of these oversights could see sensitive data compromised.
ProofID Managing Director, Tom Eggleston, adds:
“Two things jump out from this report – firstly that the US government has clearly identified the crucial role which Identity and Access Management has to play in ensuring cyber-security for government systems and data. And secondly, it is equally clear that many government agencies have no IAM program in place, or if they do, they lack maturity. Our experience in the UK, with government agencies and private organisations alike, is that this pattern is repeated here. As an industry, we have many of the tools to protect ourselves, but we must do more to implement them.”