16 U.S. agencies flunk computer security review
IDG News Service -
In a scathing report released Friday, the U.S. congressional Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations flunked 16 federal agencies on their computer security efforts, while giving barely passing grades to a host of other agencies.
"It is disappointing to announce that the federal government has received a failing grade on its security efforts," Subcommittee Chairman Rep. Stephen Horn (R-Calif.) said in his opening remarks upon presenting the annual computer security report card.
The subcommittee began grading 24 major executive branch departments of the U.S. government last year after Congress passed the Government Information Security Reform Act, which requires federal agencies to establish agencywide computer security programs that protect the systems that support their missions.
Critical agencies such as the Department of Defense, Department of Transportation, Department of Health and Human Services, and Department of Energy, as well as the Nuclear Regulatory Commission, all received "F's," a failing grade.
The dismal report card comes at a particularly sensitive time, when the U.S. is at war in Afghanistan and facing terrorism threats at home, making the protection of sensitive government information all the more crucial.
"All of us in Congress are well aware that the nation is in a state of war," said Horn. "It is not anyone's intention to place this great land at further risk of attack. It is, however, very important that the new administration take heed of the sobering assessment the subcommittee is providing and work to expeditiously address this most important need."
Other agencies that were handed a failing grade included the Department of Justice, Department of Treasury, Department of the Interior and the Department of Education.
Meanwhile, a handful of other agencies slipped by with a "D," which is passing, but barely so. Those included the Federal Emergency Management Agency, the General Services Administration and the Department of State.
The National Aeronautics and Space Administration scored a "C-minus" -- slightly below average -- while the National Science Foundation merited the highest grade of the group, scoring a "B-plus." An "A" would have been the highest score, but none were given out.
The ratings were determined by security audits and evaluations performed by agency inspectors general since July of last year using standards set by the Office of Management and Budget.
"Without proper protection, the vast amount of sensitive information stored on government computers could be compromised and the systems themselves subject to malicious attacks," Horn warned. "As the recent spate of computer viruses and worms have shown, cyberattacks have the potential to cause
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Security
Additional Resources



Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.
White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...

