From FCW:

Tatyana Bolton, a cybersecurity expert at the R Street Institute, said the news of new vectors and vulnerabilities is “unsurprising” and that more will likely be found because of “how weak the U.S. federal cybersecurity requirements currently are.”

“There are best practices that we already know could help prevent breaches like this, but we have lacked the political will to implement them,” she said, noting practices such as developing federal cloud security certification and improving readiness for incident response and recovery.

“All of these were recommendations made by the Cyberspace Solarium Commission in its recent report, and need to be implemented yesterday,” she added.