Israel’s Land Authority must take action to fix insufficiencies in its cyber defense and other issues in its database, according to a report released Tuesday by Israel’s comptroller.
The authority is tasked with managing the land in Israel as a resource for the development of the state and the benefit of the public, environment, and future generations.
The authority has millions of scanned files on land rights. Much of the information collected by the authority is sensitive, including, in some cases, personal and business information.
Policy decisions about cybersecurity lagging
The authority’s cyber committee has not addressed information security since 2019, said the report, and the committee has not acted to authorize, map, or categorize the authority’s information assets since it was founded in 2017, the comptroller found. Only 50% of the metrics for cyber defense were discussed and examined at the 2022 cyber committee, the report added.
Five of the databases of the authority that were supposed to be registered with the government databases, in order to ensure the privacy of the information, have not been registered, according to the report.
The report stated that despite conducting frequent tests to protect people’s private information, the authority failed to inform the steering committee of the risks that required attention.
Among some positive findings, the report said that in 2022, the authority was in the top fifth among those ranked for their cyber security, according to a ranking by the government’s cyber defense department.
Some details of the comptroller’s report have remained confidential.