Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Samuel Corum/Anadolu Agency/Getty Images

A Senate subcommittee analysis of a decade of annual inspectors general reports shows that at the 7 worst-performing federal agencies, known cybersecurity issues can linger for as long as a decade.

The big picture: The report, compiled by the Permanent Subcommittee on Investigations, tracked cybersecurity problems in 7 agencies with the lowest ratings in a recent federal audit, as well as the Department of Homeland Security, which exercises some oversight control. Many of the problems were common across agencies.

Details: The 7 low-performing agencies were the Social Security Administration and the Departments of State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services and Education.

  • At the Department of Education, for example, the inspector general identified in 2011 that unauthorized outside devices were able to connect to the network. That problem wasn't addressed until last year, and even then the network allowed connections for 90 seconds — enough to open a doorway for hackers.
  • Agriculture, Transportation, and HHS all had recurring or unaddressed problems that were a decade old. State had problems stretching back 5 years.
  • Every agency audited used at least some legacy systems so outdated that the vendors no longer provide security patches. Six agencies did not patch in a timely manner.

Between the lines: The report identifies several problems that allow cybersecurity issues to linger in many agencies.

  • There is a global cybersecurity talent shortage, and many of the less glamorous agencies struggle to get the best talent.
  • Agency cybersecurity executives often don't have access to their directors' ears or congressionally mandated authority to make decisions. There's also often high turnover at those jobs.
  • Agencies struggle to make needed changes as a result of tight budgets.

What's next: The report suggests that agencies centralize operations, prioritize staffing and embrace different budgeting models.

Go deeper

Updated 4 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: Coronavirus deaths reach 4,000 per day as hospitals remain in crisis mode — America has tuned out the coronavirus at the peak of its destruction — 1 in 3 people in L.A. County believed to have been infected with coronavirus.
  2. Politics: Biden taps ex-FDA chief to lead Operation Warp Speed amid rollout of COVID plan— Widow of GOP congressman-elect who died of COVID-19 will run to fill his seat — Joe Biden will seek nearly $2 trillion in COVID relief spending.
  3. Vaccine: Battling Black mistrust of the vaccines"Pharmacy deserts" could become vaccine deserts — Instacart to give $25 to shoppers who get vaccine.
  4. Economy: Unemployment filings explode againFed chair: No interest rate hike coming any time soon —  Inflation rose more than expected in December.
  5. World: WHO team arrives in China to investigate pandemic origins.
Dan Primack, author of Pro Rata
1 hour ago - Economy & Business

Trump blocks banks from limiting loans to gun and oil companies

Illustration: Sarah Grillo/Axios

Big banks are no longer allowed to reject business loan applicants because of the industry in which they operate, according to a new rule finalized on Thursday by the Trump administration.

Why it matters: Wall Street has curtailed its exposure to industries like guns, oil and private prisons, driven by both public and shareholder pressures. This new rule could reverse that trend.

Former FDA commissioner: "Reliable drug supply is absolutely critical"

Axios' Caitlin Owens and former FDA commissioner Mark McClellan. Photo courtesy of Axios Events

Having a reliable supply of pharmaceutical drugs throughout America will be "absolutely critical" to boosting affordability in health care during the Biden administration, former Food and Drug Administration (FDA) commissioner Mark McClellan said at a virtual Axios Event on Friday.

The big picture: McClellan, who served under President George W. Bush, says drugs having limited supply and limited competition leads to elevated pricing. He considers drug supply to be a national security and public health issue.