Skip to main content
close search
site logo
Dive Brief

Report: Homeland Security employees pass phishing scams, struggle with physical security

Published May 18, 2016
By
Contributing Editor
Flickr; USCapitol

Dive Brief:

  • Department of Homeland Security employees are less likely to click on potentially dangerous malware than they were previously, according to the results of a penetration test conducted by an independent auditor.

  • The DHS inspector general contracted with KPMG to conduct the social engineering tests and found employees displaying basic cybersecurity practices. 

  • The report, however, found that employees lacked physical security practices and often left sensitive documents laying around their workspace. 

Dive Insight:

Auditors, posing as agency technical support, called DHS employees and asked them to provide their login credentials, according to a Nextgov report. They reached only eight of the 28 employees and contractors they contacted, but none of the eight turned over their passwords.

Last week, Clifton Triplett, the cybersecurity adviser for the Office of Personnel Management, said fewer OPM employees fell for bogus emails in a similar test at that organization.

Improving cybersecurity has been a priority for the federal government. A recent report from SecurityScorecard found U.S. federal, state and local government agencies rank lowest in cybersecurity when compared to the private sector. The federal government has been making a number of moves to try to improve cybersecurity within its organizations.

Recommended Reading

Filed Under: Security, Leadership

Editors' picks

Company Announcements

View all | Post a press release
Only Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Eva…
From Cynet Security
December 11, 2024
Smart City Expo USA 2025 Speakers Announced
From Smart City Expo USA
December 11, 2024
Arcus Power Launches Power Market Data Solutions on Snowflake Marketplace
From Arcus Power Corp
December 04, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.