Stories

Senators grill Pompeo on vulnerable cybersecurity at State Department

Photo: Igor Golovniov/SOPA Images/LightRocket via Getty Images

A bipartisan cadre of senators sent a letter to Secretary of State Mike Pompeo on Tuesday calling out the department's poor adoption of multi-factor authentication.

Why it matters: Multi-factor authentication requires users to take an additional protective step when logging into an account — often a physical key or a biometric scan. Beyond being a good practice for federal agencies, multi-factor authentication is also the law for all high-level government accounts.

The gripe: Sens. Ron Wyden (D-Ore.), Cory Gardner (D-Colo.), Rand Paul (R-Kent.), Ed Markey (D-Mass.) and Jeanne Shaheen (D-N.H) pointed to a recent Government Accountability Office report that found only 11% of required agency devices had enhanced security.

"We are sure you will agree on the need to protect American diplomacy from cyber attacks, which is why we have such a hard time understanding why the Department of State has not followed the lead of many other agencies and complied with federal law requiring agency use of MFA."
— Quote from the letter