Cybersecurity Testing of HHS and Consumer Mobile Applications
Various HHS OpDivs use mobile applications as alternative ways to reach mobile device users. Cybersecurity researchers have indicated that a large majority of Android and iOS apps across every industry lack the most basic security protections. HHS-OIG will perform a series of penetration test audits of certain mobile applications to determine whether security controls protecting HHS and its OpDivs' mobile applications are effective in preventing certain cyberattacks. Also, as part of this work, we will determine whether HHS and its OpDivs are following required security standards and policies for the development and vetting of mobile apps. HHS-OIG will perform this work because of the steady increase in the use of mobile apps by HHS and its OpDivs to provide access to health services.
|Announced or Revised||Agency||Title||Component||Report Number(s)||Expected Issue Date (FY)|
|November 2021||CDC, NIH, AHRQ||Cybersecurity Testing of HHS and Consumer Mobile Applications||Office of Audit Services||W-00-22-42040||2024|