Israel’s Land Authority must take action to fix insufficiencies in its cyber defense and other issues with its database, a report by Israel’s State Comptroller on the authority’s data and cyber security released Tuesday found.
The authority is tasked with managing the land in Israel as a resource for the development of the state; and the benefit of the public, environment, and future generations.
The authority has millions of scanned files on land rights. Much of the information collected by the authority is sensitive, and some includes personal and business information.
The authority’s cyber committee has not addressed information security since 2019, said the report, and the committee has not acted to authorize, map, or categorize the authority’s information assets since it was founded in 2017.
Policy decisions about cyber security lagging
The authority’s policy on cyber security has not been updated, discussed or checked since 2019, and only 50% (5 out of 10) of the metrics for cyber defense were discussed and examined at the 2022 cyber committee, the comptroller found.
Five of the databases of the authority that were supposed to be registered with the government databases in order to ensure the privacy of the information in these databases, have not been registered, said the report.
While the authority did tests frequently for the risk of people being able to access their information, the risks discovered in the tests were not brought to the steering committee so that they could be addressed, the report said.
Among positive findings, the report found that in 2022, the authority was in the top fifth of those ranked for their cyber security, according to a ranking by the government’s cyber defense department.
Some of the comptroller’s reports on the data and cyber security of the authority remained confidential.
Comments are closed.