Newsletters Welcome, Guest Log In | Register
News:

Security

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

0

Government Gets "C" for Security

Posted by Kara Reeder May 21, 2008 10:58:29 AM

The federal government has received its 2007 computer security report cards from the House Committee on Oversight and Government Reform. The government earned a "C" for protecting against cyber attack, which is a slight improvement over the "C-minus" it got in 2006, reports The Washington Post.

 

According to this Federal Times article, nine agencies earned failing grades, including the departments of Defense, Labor, Treasury and Veterans Affairs. On the flip side, the Department of Justice, the Agency for International Development and the Environmental Protection Agency are among the agencies that earned "A" grades.

 

However, there is skepicism about the report cards. The grades are based on reports compiled for the Federal Information Security Management Act. Alan Paller, director of research at the SANS Institute, says the FISMA reports say nothing about security and only measure compliance with report generation. Paller also notes that agencies are not required to demonstrate that they have effectively implemented the mandated controls.

 

Despite a "passing" grade, there is obviously work that still needs to be done. Even though federal IT staff admit they are concerned about security, agencies are still making headlines for security breaches.

Related Content

Add a comment Leave a comment on this blog post.

There are no comments on this post

Premium Tools

Browse

IT Security Manual Template

Immediately download a customizable set of documents and templates that covers every aspect of IT Security. These templates are compliant with ISO27000, HIPPAA and Sarbanes oxley standards.

Learn more >

The IT Governance and Compliance Toolkit

This Toolkit is a collection of templates and instructional documents that help you assess and establish the crucial policies that you need to operate a secure and compliant IT organization.

Learn more >

Related Content

Browse

Topic: Network Security

Protect and preserve your network, your data and the life of your business

Blog: Communicating E-Commerce Security Efforts with Consumers

Article: NSF Problem Proves Basic Content Filtering No Longer Enough

White Paper: Bullet-Proofing Instant Messaging

Related Topics

Government Agencies

Featured White Papers

Browse

Should You Install Messaging Security Software on Your Exchange Server?

This white paper discusses the detailed results of an Osterman Research survey on messaging security software and conclusions about administrators' attitudes regarding installing third-party software on the Exchange server.

Web Security SaaS: The Next Generation of Web Security

This white paper describes the next generation of Web security and identifies the critical elements that make for lower-cost and easier-to-manage Web security solutions.

Resource Centers

Browse

Data Loss Protection

Data-loss prevention tactics, technologies and best practices to protect your sensitive and valuable company data.

Featured Whitepapers

Realizing Enhanced Productivity and Timely ROI from Your DLP Security Technology

Security Information and Event Management

Best practices, strategies and technologies to help you use security information and event log management efficiently and effectively in order to get business value in terms of increased security, reduced risk, regulatory compliance and increased business agility.

Featured Whitepapers

The Top Ten Insider Threats and How to Prevent Them

Security SaaS Solutions

Hosted security solutions that not only protect your data, but reduce your security management TCO, as well.

Featured Whitepapers

Why Security SaaS Makes Sense Today