The Census Bureau still has work to do to prepare its IT systems and cybersecurity, but during a Senate Homeland Security and Governmental Affairs hearing, the director of the bureau and Government Accountability Office (GAO) officials noted that the 2020 Census is making progress on IT issues and is on track.
“The bottom line is that as the countdown to Census day grows short, the bureau has made important progress towards mitigating some of the risks to the Census, and we are encouraged by the Commerce Department’s and Census Bureau’s leadership commitment towards carrying out a cost-effective enumeration,” said Robert Goldenkoff, director of strategic issues at GAO.
Nick Marinos, director of IT and Cybersecurity Management at GAO, praised the Census Bureau’s collaboration with the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA), noting that voluntary assessments have helped identify risk areas that the Bureau has addressed. However, he pointed to GAO’s recommendation that the bureau formalize its vulnerability remediation process for DHS assessments.
“At the end of the day, they will only be as valuable as the corrective actions the bureau takes in response,” he said, noting that the bureau is working to implement recommendations on the subject.
In written testimony, GAO noted that 11 IT systems out of the 52 slated for use are at risk of falling behind schedule, which could affect data collection, business automation, and customer support for self-response. The bureau also has five systems that need an initial authority to operate (ATO), and nine systems that need to be reassessed for an ATO.
While the general tone of the hearing was positive, officials noted that IT and cybersecurity remain some of the biggest concerns for the decennial effort.
“If the Census Bureau gets a decent response rate and that there’s no cybersecurity incidents or IT shortfall, I think the Census will be positioned for a cost-effective headcount. I don’t think we’re looking at disaster, but a lot of work still needs to be done,” said Goldenkoff.
Steve Dillingham, director of the Census Bureau, offered his support for the organization’s cyber readiness, calling the cybersecurity program “well-designed and tested”. Dillingham focused his comments on assuring the public that Census data will be well protected and kept confidential.
“The 2020 Census is easy, safe, and important … our systems are safe and secure, we are following best business practices, and we are hiring the right people in the right positions doing the right things. I am more confident than ever,” said Dillingham.
Senators raised concerns about cybersecurity, but seemed relatively satisfied by the answers from the panel.
“I do want this committee hearing to point out the difficulties so we remain diligent … but I also think it’s important to communicate to the public that we do have things in a manageable situation and I don’t think anyone shouldn’t be panicking,” said Senator Ron Johnson, R-Wis., chairman of the committee.