GAO Makes Public Report on FCC ECFS Security Vulnerabilities
The FCC has made progress addressing security vulnerabilities in the electronic comment filing system related to the disruptions during the 2017 net neutrality comment period (see 1812030034) but needs to do more, GAO reported Friday in the publicly available version…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
of a report released for official use in September. GAO offered 136 recommendations the FCC could implement to improve ECFS security, and by November, the agency had “fully implemented” 85. The auditor said the commission has a plan to tackle all the recommendations by April 2021. “We have been working diligently to address the recommendations in the report and have addressed 94 to date and plan to implement the remaining recommendations on a rolling basis over the next year," emailed an FCC spokesperson Friday. Deficiencies found by GAO involved “identifying risk, protecting systems from threats and vulnerabilities, detecting and responding to cyber security events, and recovering system operations,” the report said. "The FCC is committed to protecting the confidentiality, integrity, and availability of our information systems,” the spokesperson said. “Until the FCC implements all of the remaining recommendations, its systems will remain vulnerable to failure and misuse,” said House Commerce Committee Chairman Frank Pallone, D-N.J. He said Chairman Ajit Pai "must act swiftly to fix these vulnerabilities and restore trust back into the ECFS and the FCC’s cybersecurity practices overall.”