From NextGov:

The chairman of a House committee that oversees the Small Business Administration urged the agency’s head to plug long festering cybersecurity vulnerabilities within six months.

In back-to-back hearings of the House Small Business Committee this week, lawmakers pried into longstanding “mismanagement” at the agency, including a slew of unaddressed recommendations from the agency’s inspector general and the Government Accountability Office.

Among them: more than 30 recommendations for shoring up SBA’s IT security.

“If I were you, I’d start with (fixing) these IT and cybersecurity deficiencies,” Rep. Steve Chabot, R-Ohio, the chairman of the committee told SBA Administrator Maria Contreras-Sweet on Thursday. “That’s what worries me the most.”

Chabot cited the long list of hacked federal agencies over the past year: the Office of Personnel Management, the State Department and even the unclassified networks at the White House.

“Small businesses trust the SBA, your agency, with their information — oftentimes very sensitive information — that they don’t want a rival business or their neighbors or the Chinese government to have access to,” Chabot told Contreras-Sweet.

The massive hack of OPM background investigation records is believed to have been an espionage operation carried out by Chinese hackers.

Chabot pressed Contreras-Sweet to fix the security gaps by June 30 and to provide monthly updates to the committee along the way.

Contreras-Sweet responded, “I commit to you to reporting to you on a regular basis and will work with godspeed to make your deadline.”

GAO, in a report issued in September, first drew attention to…

Continue Reading