An audit has found lapses in internal systems used by the Secret Service and Immigration and Customs Enforcement.
The Department of Homeland Security also needs to establish a cyber training program for analysts and investigators, the audit said, with officials from several agencies blaming short-term budget allocations from Congress for their training cuts.
“We identified vulnerabilities on internal websites at ICE and USSS that may allow unauthorized individuals to gain access to sensitive data,” according to the report by the Office of the Inspector General for DHS.
The websites are used by ICE and Secret Service agents to report investigation statistics, case tracking and information sharing, it said.
The audit said the 240,000-employee department has made progress in strengthening cyber coordination between agencies and made nine recommendations, which DHS accepted and said it was working to address.
The recommendations come as federal government’s cyber security practices are under intense public scrutiny following recent breaches at the Office of Personnel Management, White House, State Department and other agencies.
Officials from ICE, NPPD and the Secret Service told investigators the agencies’ ability to conduct proper training programs has been hampered by the stop-gap funding bills Congress has been passing because of its inability to approve yearlong spending in a timely way.
The department needs to come up with a plan to coordinate cyber activities. It would benefit from automated capability for real-time incident information sharing, the report said.