EXECUTIVE SUMMARY:

As many in cybersecurity know, hackers often use phishing or spearphishing emails as a jumping-off point to infiltrate electronic systems and steal confidential information. In October 2017, Cyber Talk wrote about an incident involving a Homeland Security advisor who was the target of a phishing expedition. It wasn’t an isolated cybersecurity incident. The White House has had its share of hacking incidents in recent years. In an effort to try and get a grip, the U.S. government mandated that federal agencies implement electronic tools to guard against suspicious emails.

That order was handed down roughly a year ago. The specific requirement was implementation of a tool known as DMARC, which authenticates a sender and his or her domain. But according to the The Washington Post, nearly a quarter of government agencies have failed to comply with the mandate, including the White House.

The implications of substandard cyber security are severe, especially when you consider that the U.S government contracts with hundreds of corporations like Lockheed Martin, Boeing, Northrop Grumman, Raytheon, General Dynamics, and others for military and defense systems.

“The White House’s apparent failure to manage email protections risks undermining its authority as it tries to lead a government wide push to improve the cybersecurity of government systems and data,” writes The Washington Post.

On the flip side, report data shows that the majority of federal web domains—69 percent—are in compliance with the DHS directive. That statistic actually outperforms other industry sectors, when it comes to protection against email spoofing—20 percent higher than tech and 30 percent higher than banking.

Get the full story at The Washington Post.