Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:19 AM
David Carr, InformationWeek
David Carr, InformationWeek
Connect Directly
50% Still Insecure, Critics Tell House Panel

At Congressional hearing, critic who suggested in November site should be shut down says, "Nothing has changed."

In a sequel to a previous inquiry about the risks associated with the federal government's health insurance exchange website, the US House Science, Space, and Technology Committee held a hearing Tuesday entitled Consequences of Stolen Identity.

While the testimony presented was a little less unanimous against the integrity of the website this time, Democratic members protested the premise of the hearing as biased and giving too much weight to speculation about potential vulnerabilities rather than evidence of real problems.

Testifying before a US House committee, David Kennedy, CEO of TrustedSEC, LLC, said that "nothing has changed" to alter the opinion he offered at the same committee's November hearing that the website is insecure and should have been shut down until basic flaws were corrected.

"I don't understand how we're still discussing whether the website is insecure or not. It is. It's not a question of whether it's insecure -- it's how to fix it," Kennedy said. He also provided the committee with a collection of letters from security experts -- Ed Skoudis, Kevin Mitnick, Kevin Johnson, Lares Consulting (Chris Gates, Eric Smith, Chris Nickerson), and John Strand -- echoing his condemnation.

Read the rest of this article on InformationWeek

Register for Insurance & Technology Newsletters