Tim Hoover reports that the state’s cybersecurity is not in good shape and that personal information is at “high risk. You can read his report in the Denver Post.
While the news may not be good, kudos are due for hiring a firm to try to hack into the state’s systems to determine just how weak the security really is.
Hoover also reports that we may not have been told about all state breaches:
And while there had been 43 cyber-security incidents reported to the office since 2006, auditors thought the number was higher, noting that some known incidents had not been reported.
And of course, that’s only the incidents they know about and doesn’t include incidents that were never detected (yes, I’m assuming that there have been undetected incidents. Wouldn’t you?)