New audit finds flaws in US Secret Service information systems

23 October 2016 (Last Updated October 23rd, 2016 18:30)

A cyber-security audit performed by the Office of the Inspector General found that 'unacceptable vulnerabilities' exist in the US Secret Service's (USSS) information security systems.

A cyber-security audit performed by the Office of the Inspector General found that 'unacceptable vulnerabilities' exist in the US Secret Service's (USSS) information security systems.

The audit was conducted after the Secret Service improperly accessed and disclosed information about US Representative Jason Chaffetz (R-Utah), chairman of the House Committee on Oversight and Government Reform.

It uncovered several problems, such as inadequate system security plans (SSP), access and audit controls, and privacy protections, as well as non-compliance with logical access requirements and over-retention of records.

"The USSS allegedly failed to update its IT policies or train its personnel to successfully perform their duties."

According to the report, the problems occurred because the USSS had not consistently made IT management a priority.

The USSS allegedly failed to update its IT policies or train its personnel to successfully perform their duties.

The report also highlighted that the USSS has little room for error in its primary mission of 'protecting the president, other dignitaries and events, and investigating financial [crimes] and cyber-crimes to help preserve the integrity of the nation's economy.'

The USSS' cyber-security documentation was often incomplete, leading to confusion as to how responsibilities were allocated and who was performing what functions.