Energy’s zooming cybersecurity attack rate calls for management reforms auditors say

"The IG report said it took 10 months to learn that a hacker had stolen the names and Social Security numbers of 1,500 Energy employees from an NNSA site in 2005. Seven of 11 field sites audited, three federal and eight contractor-operated, have not identified which of their systems store such personal information or evaluated the risks of exposing it.

Energy's CIO will now draft a formal departmental cybersecurity strategy by March 31, according to the IG's report."