Census Bureau Must Fix 3,100 Cyber Vulnerabilities Before 2020 Count

Posted on Posted in News

August 31, 2018 at 02:15PM
Go to the source

The preparation for the 2020 Census is laboring under constricted timelines, unfixed cyber vulnerabilities and ballooning IT costs, according to a Government Accountability Office report released Thursday.

Early testing has turned up 3,100 digital vulnerabilities that need to be remediated in Census systems, according to the report, including 43 that are deemed either “high risk” or “very high risk.”

That number could increase dramatically because numerous IT systems haven’t yet undergone cybersecurity testing, the audit noted.

“Because the 2020 Census involves collecting personal information from over a hundred million households across the country, it will be important that the Bureau addresses system security weaknesses in a timely manner and ensures that risks are at an acceptable level before systems are deployed,” the auditors stated.

The 2020 Census is planned to be the first fully digital census, which will increase efficiency and lower costs, but also drastically increases cybersecurity concerns, according to the report.

Those cybersecurity concerns have grown more acute as delays elsewhere in the process have cut down the amount of time for cyber testing.

The Census Bureau initially planned for six to eight weeks of security testing for most systems. Because of delays, that period has been compressed, in some cases, to just five to eight days. In other cases, systems have been deployed before they were fully tested, the report stated.

Out of 44 IT systems the Commerce Department will use to conduct the 2020 Census, 38 will contain citizens’ personal information, according to the report.

The 2020 count’s projected IT costs have also increased from an estimated cost of $3.4 billion in October 2015 to nearly $5 billion in December 2017, the report stated.

The Census Bureau didn’t have any substantive disagreements with the GAO report.  

https://www.nextgov.com/analytics-data/2018/08/census-bureau-must-fix-3100-cyber-vulnerabilities-2020-count/150938/