Audit finds that state agencies have weak IT security

The weaknesses increase the risk of a cyber attack and put individuals' private information at risk

The audit found weaknesses that increase the risk of a cyber attack. November 30, 2016, (AP)
The audit found weaknesses that increase the risk of a cyber attack. November 30, 2016, (AP)

SALEM, Ore. (AP) – Oregon’s chief auditing agency sharply criticized inadequate security of state agencies’ computer programs and data, saying in an audit on Wednesday that the governor, Legislature and others must create and fund a statewide security plan.

The audit by Secretary of State Jeanne P. Atkins’ office said the weaknesses increase the risk of a cyber attack and put individuals’ private information at risk.

The audit reviewed 13 state agencies’ information security and found that more than half had security weaknesses in six of the seven fundamental security controls reviewed and all agencies had at least two weaknesses.