• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year

3

The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
TechCybersecurity

Federal Cybersecurity Failures Include a 48-Year-Old System Few People Knew How to Use

By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
By
Alyssa Newcomb
Alyssa Newcomb
Down Arrow Button Icon
June 26, 2019, 5:07 PM ET
Add Fortune on Google for similar content.

Federal agencies fail to follow basic computer security standards including relying on a 48-year-old system for critical work, leaving the government vulnerable to hackers, according to Congressional report published on Tuesday.

“In 2017 alone, federal agencies reported 35,277 cyber incidents,” Sen. Robert Portman (R-Ohio) said in a statement about the report. “After a decade of negligence, our federal agencies have failed at implementing basic cybersecurity practices, leaving classified, personal, and sensitive information unsafe and vulnerable to theft.

The report, Federal Cybersecurity: America’s Data at Risk, is the result of a 10-month review by the Permanent Subcommittee on Investigations of the Senate Homeland Security Committee that examined a decade’s worth of inspector general reports. The findings detail how eight federal agencies are doing a poor job creating a defense against cyber threats at a time of increased worries about foreign governments hacking adversaries.

“Government agencies still seem to be struggling with the basics,” says Jake Olcott, vice president of government affairs at cybersecurity company BitSight told Fortune. “This has been a problem for decades. What’s interesting about this report is that it rightfully provides the scope of the problem.”

Outdated systems

All of the eight agencies mentioned in the report used outdated systems. The Department of Transportation used a 48-year-old system to provide information on hazardous materials incidents. Maintaining the system became difficult, since very few workers knew how to use the older applications, according to the report. That system was decommissioned on May 31, 2019.

In another case, the Department of Homeland Security has been running Windows XP and Windows 2003 on various systems, despite the fact that Microsoft stopped supporting the software a few years ago.

The Social Security Administration was called a “persistent cybsersecurity threat” since it holds the information of 60 million Americans who receive benefits. One of its systems uses COBOL, a programming language developed in the 1950s, that many younger IT employees are unfamiliar with. Another system, called CHUMS, is so old that home lenders can only submit customer applications for loans through the mail so that the government can track the information.

These systems are “sitting ducks,” says Olcott. “Using systems that are so old and not supported anymore, basically creates an environment that makes it very easy for bad actors to gain access to private data.”

Losing track of hardware and software

Many off the agencies also failed to keep an accurate inventory of the hardware and software on the networks. This has been a “recurrent problem” over the past decade for the Department of State, Department of Transportation, Department of Housing and Urban Development, Department of Health and Human Services, and the Social Security Administration, according to the report.

It’s not rocket science, but even NASA has had trouble with it. Last week, a report from NASA’s inspector general disclosed that a $25 unauthorized Raspberry Pi computer was used as an entry point for hackers to get into the Jet Propulsion Laboratory’s network and access sensitive information.

“Not knowing the systems we are using, the devices, represents a big risk to an organization, particularly a government agency,” says Olcott. “Employees could bring in their own personal devices and connect to their network. And if the agency can’t monitor the addition of new devices, that’s an area where individual personnel could be introducing new risks.”

Not using mandatory security patches

Typically, organizations quickly deploy security patches from software vendors to plug critical holes in their systems that could otherwise be exploited by hackers. But the federal government isn’t treating the job of updating security with the necessary, according to the report.

All eight agencies failed to patch vulnerabilities in a timely manner, but some were worse offenders than others.

“Both DHS and DOT failed to properly apply security patches for the last ten consecutive years,” the report says. The U.S. Department of Agriculture failed for the last nine years.

“It’s a basic thing that when patches come out, it’s a best practice to deploy,” says Olcott.

The path forward

While the report showcases some embarrassing failures, it also offers some recommendations, including prioritizing hiring of people with a cybersecurity expertise, new budgeting procedures to ensure threats are being addressed, and consolidating processes so that agencies can be more nimble when it comes to responding to and mitigating threats.

Olcott says it ultimately comes down to accountability. More companies are now regularly receiving reports from their cybersecurity teams about their preparedness. Executives are also held accountable in the event of a major data breach.

“The reality is, unlike in the commercial sector today, where CEOs and board members are being fired because of data breaches, there is not the same level of accountability and responsibility in the federal government,” he says. “Start holding people accountable for improving security performance…Those are the things you need congressional and executive leadership.”

About the Author
By Alyssa Newcomb
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in Tech

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in Tech

How foodservice giant Sodexo is embracing AI and robotics to reshape the kitchen
NewslettersCIO Intelligence
How foodservice giant Sodexo is embracing AI and robotics to reshape the kitchen
By John KellJuly 1, 2026
13 hours ago
Anthropic CEO Dario Amodei
AIAnthropic
Anthropic’s AI models are back online after a two-week government standoff—settling the company and administration into a fragile truce
By Tristan BoveJuly 1, 2026
13 hours ago
Nikesh Arora, chief executive officer at Palo Alto Networks
SuccessJobs
CEO of $248 billion cybersecurity company says workers are about to face a ‘Darwinian moment’ thanks to AI: Evolve or get cut
By Emma BurleighJuly 1, 2026
15 hours ago
Current price of Ethereum for July 1, 2026
Personal FinanceEthereum
Current price of Ethereum for July 1, 2026
By Joseph HostetlerJuly 1, 2026
16 hours ago
In this photo illustration, a Cisco logo is displayed on a smartphone with Artificial Intellingence (AI) symbols in the background.
AICFO Daily
Cisco is rolling out AI agents to every single one of its 90,000 employees
By Sheryl EstradaJuly 1, 2026
17 hours ago
senate
CommentaryCongress
One rare bipartisan AI bill is moving through Congress. Here’s why it deserves to pass
By Neil Björkman and Betsy BrewerJuly 1, 2026
18 hours ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
22 hours ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
7 days ago
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
Newsletters
The Supreme Court's birthright citizenship ruling hands the U.S. economy a $7.7 trillion win
By Diane BradyJuly 1, 2026
20 hours ago
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
Success
Philanthropy leader at Warren Buffett and Bill Gates’ Giving Pledge says children of billionaires are pushing them to give their wealth away faster
By Preston ForeJune 27, 2026
5 days ago
Current price of oil as of July 1, 2026
Personal Finance
Current price of oil as of July 1, 2026
By Joseph HostetlerJuly 1, 2026
17 hours ago
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
Success
Elon Musk on MacKenzie Scott giving away $26 billion of her fortune: 'Sadly,' it makes the world a worse place
By Sydney LakeJune 29, 2026
3 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.