Poor IT security led to breaches at consumer safety agency, IG says

(Getty Images)

Share

Written by

The Consumer Product Safety Commission, like many other agencies across the government, faces IT security issues that the agency’s inspector general says are among the agency’s top management and performance challenges.

In a report published Thursday, the CPSC IG describes a few of the challenges that it anticipates the agency will need to contend with in fiscal 2020 — balancing sustainment with investment in innovation, protecting against cyberthreats and more. There is also, the report reveals, the issue of accidental disclosure of personally identifiable information (PII) to “unauthorized recipients.”

“In the past year, there were two separate identified instances where PII … of thousands of people and businesses was released to unauthorized recipients,” the IG states. The report goes on to note that the “root causes” of the breach “have not been fully identified,” but that “it is extremely likely that CPSC will need to consider a wide variety of process changes in addition to implementing new IT-based solutions to mitigate the risk of future incidents.”

The other challenges CPSC faces, per the IG, have to do with internal control systems, enterprise risk management and resource management. The report is pretty upbeat about the agency’s prospects of dealing with these areas, though. “Challenges do not necessarily equate to problems,” the report states. “Rather, they should be considered areas of continuing focus for CPSC management and staff.”

CPSC recently became a customer of the General Services Administration’s IT modernization Centers of Excellence program. That partnership, which is in its very early stages, seems focused on data management and data analytics.

“We’re working with the GSA COE on the development of an enterprise data strategy and implementation plan to support ongoing work to support of the CPSC’s commitment to evidence-based decision making and the importance of data and analytics in agency operations,” a CPSC spokesperson told FedScoop last month.

-In this Story-

Centers of excellence, Consumer Product Safety Commission, Inspector General, IT security
TwitterFacebookLinkedInRedditGoogle Gmail