TOPEKA (KSNT) - Earlier this month, the Kansas Legislative Division of Post Audit (KSLPA) published a report finding nearly half of the 20 state and local entities it investigated had security faults from 2020 to 2022.
Entities that were audited regularly struggled with vulnerability remediation, incident response, security awareness training and specific IT system compliance, according to the report. The audit attributed the problems to two main issues: insufficient management oversight and lack of adequate IT resources.
"State and local entities could face significant consequences if hackers are able to access an entity’s network or confidential data because of poor security controls," KSLPA said in the conclusion of the report. "A significant security breach could disrupt an entity’s mission-critical work and their reputation would be sorely damaged."
According to the report:
The KSLPA audited the following entities:
Every three years the KSLPA conducts a risk assessment on selected state agencies. According to the KSLPA, the contents of the individual reports are kept confidential to prevent jeopardizing the entity's security.
In October of last year, Kansas was asked to pay a ransom for a foreign cyberattack that crippled court systems statewide. Kansas Governor Laura Kelly confirmed the details in an interview with Nexstar Kansas Capitol Bureau Chief Rebekah Chung. Chief Justice Marla Luckert later came out saying Kansas was the target of a Russia-based ransomware group.
Lukert said the state didn’t pay Russian hackers to restore the court systems.
For more local news, click here. Keep up with the latest breaking news in northeast Kansas by downloading our mobile app and by signing up for our news email alerts. Sign up for our Storm Track Weather app by clicking here.
