Advertisement

‘Significant work’ remains for Census to address IT, cybersecurity ahead of 2020

The bureau has processes in place to identify cybersecurity weaknesses, but it needs to be sure to implement fixes too.
(Getty Images)

The U.S. is now just 11 months away from Census Day 2020, and still “significant work” remains for the agency in addressing its IT and cybersecurity challenges.

That was the upshot of the Government Accountability Office’s testimony during a House Appropriations Committee hearing Tuesday.

Many of the 52 new or legacy IT systems that the 2020 census will run on have been successfully delivered, GAO’s Nicholas Marinos said, but there are still further deadlines ahead. Marinos, the director of IT and cybersecurity at GAO, testified alongside GAO Director of Strategic Issues Robert Goldenkoff and Census Bureau Director Steven Dillingham.

“The bureau is at risk of not meeting near-term system development and testing schedule milestones for two upcoming operational deliveries,” Marinos said during his testimony. “These include systems that support address canvassing, which is intended to verify the location of housing units across the country and internet self-response, a new innovation that the bureau intends to rely on for a significant portion of responses to the census.”

Advertisement

Marinos said GAO is heartened that the bureau has a cybersecurity risk management framework in place, and is working with the Department of Homeland Security to identify cyber risks. Still, GAO says the bureau needs to pay “significant management attention” to make sure that security issues, once found, are fixed.

The watchdog agency made two additional recommendations around this in a report published Tuesday. One directs the bureau’s CIO to make sure that identified security issues are resolved in a “timely” manner. The other urges the agency to develop a process for implementing security recommendations made by partners at DHS.

These two recommendations join the 97 recommendations that GAO has made on the 2020 census. So far, 72 of these recommendations have been implemented. In February 2017, GAO added the 2020 count to its high-risk list.

“The bottom line is that the security assessment efforts conducted by DHS and the bureau itself will only be as valuable as the security fixes that the bureau fully implements,” Marinos said.

The Census Bureau has said that its systems performed well during the 2018 end-to-end test and are now being made ready for prime time.

Latest Podcasts