VA Releases New Strategy to Protect Veteran Data



A new cybersecurity strategy, recently unveiled by the Department of Veteran Affairs, is designed to better protect veterans’ personal data.

Timed to coincide with Veterans Day, the Department of Veterans Affairs has rolled out a new cybersecurity strategy aiming to better secure veterans’ data.

The new guidance comes a few weeks after the VA partnered with the Cybercrime Support Network, a nonprofit collaboration, designed to better educate veterans on how to strengthen their online security habits.

The 20-page strategy includes five strategic goals:

  • Secure and protect VA and Veteran information
  • Protect information systems and assets
  • Leverage innovation to strengthen cybersecurity
  • Enhance cybersecurity through partnerships and information sharing  
  • Empower VA mission through cybersecurity risk management

One of the things the VA’s first goal hopes to achieve is better securing and monitoring of systems in which veteran data is stored. This includes identifying and tagging data, protecting it at rest, in transit and taking steps to mitigate data loss, either through unauthorized access, spillage, or data exfiltration.

Other elements of the new strategy include reducing the VA’s exposure in high-risk areas, facilitating partnerships betwen other agencies for cybersecurity awareness, and increasing the visibiity and accountability of the VA’s hardware/software assets and information systems.

Identifying controlled data that needs to be protected, encrypting it and better securing how its transferred, i.e. ports and protocols, is critical, especially as the popularity of telehealth continues.

The goal of the new strategy is to not only better safeguard veterans’ data but also help instill servicemembers’ confidence in the VA itself.

“The Veteran experience includes the safeguarding of their information and the protection of the systems that store, process, and transmit data. A compromise could lead to fraudulent activities, exposure of Veteran’s personal information, or the corruption of critical data,” reads part of the new strategy, “More importantly, poor cybersecurity practices will erode the Veteran’s confidence in VA.”

Veterans are regularly targeted by hackers in identity theft scams; according to the VA, the FTC recorded more than 41,000 incidents of Veteran fraud and identity theft in 2020.

Last month a former Army contractor was sentenced to 151 months in prison after he plead guilty to his role in a conspiracy that resulted in $1.5 million in losses. As part of the campaign, the contractor, Fredrick Brown, stole personally identifiable information belonging to 3,300 Veterans, including names, Social Security numbers, military ID numbers, dates of birth, and contact information.

While Brown’s activity occurred years ago, from July 2014 and September 2015, it’s still indicative of the levels some are willing to go in order to defraud veterans.

A new AARP report, released this month, found that veterans, military, and their families are roughly 40% more likely to lose money to scams and fraud than the civilian population.

Tags: Government



Source link

Leave a Reply

%d bloggers like this: