The Department of Homeland Security (DHS) has come under fire for exposing its computer networks to possible infiltrations as a result of not following many of its own cyber-security policies.

DHS’ inspector general (IG) said in a new report (pdf) that the agency was using old security controls and Internet connections that could not be verified as reliable. Officials also failed to review “top secret” information systems for vulnerabilities.

“This report shows major gaps in DHS’s own cybersecurity, including some of the most basic protections that would be obvious to a 13-year-old with a laptop,” Senator Tom Coburn (R-Oklahoma), the top Republican on the Senate Homeland Security and Governmental Affairs Committee, said in a statement. “We spend billions of taxpayer dollars on federal information technology every year. It is inexcusable to put the safety and security of our nation and its citizens at risk in this manner.”

The committee’s chairman, Senator Tom Carper (D-Delaware), said it was “critical that our federal agencies do all that they can to protect their systems and to ensure that sensitive information is properly secured,” especially in light of the increasing number of cyber-related attacks and information breaches.

The IG did have some good things to say about DHS’ effort, namely that it had improved its information-security program through streamlining of its risk-management system and addressing some of the Obama administration’s cyber-security priorities, according to Josh Hicks at The Washington Post.

-Noel Brinkerhoff

To Learn More:

Report Shows Weaknesses in DHS Cybersecurity (by Josh Hicks, Washington Post)

Evaluation of DHS’ Information Security Program for Fiscal Year 2013 (Department of Homeland Security, Office of Inspector General) (pdf)

FBI, Homeland Security and Counterterrorism Center Declare Cyber-Attacks Bigger Threat than Terrorism (by Noel Brinkerhoff, AllGov)