Agency IT security improves'a little
- By Jason Miller
- Feb 18, 2005
Seven agencies, including the Homeland Security Department, have received failing grades for their IT security efforts.
Rep. Tom Davis, chairman of the House Government Reform Committee, last week issued the fifth annual Federal Computer Security Grades, and once again the report found overall federal cybersecurity severely lacking.
'The vulnerabilities of our systems are significant, and the potential damage that can be done is almost unspeakable,' the Virginia Republican said. 'A lot of agency managers view this as a cost avoidance measure instead of a bigger issue. We have made progress, but I wish agencies would move faster.'
The committee based its grades on agencies' Federal Information Security Management Act reports. Overall, agencies received a score of 67.3 out of 100, or a D+. That's a slight boost over 65 last year and a fair bump from the 53 of 2001'the first year Congress issued a governmentwide grade.
'It is hard to get your grades up and keep them up,' said Vance Hitch, Justice Department CIO and chairman of the CIO Council's Cybersecurity and Privacy Committee. 'You have to do new and innovative things to improve your performance.'
Davis announced such a new effort'a Chief Information Security Officer Exchange.
The program will convene quarterly meetings to exchange ideas and best practices, and produce an annual security report.
The departments of Agriculture, Commerce, Energy, Health and Human Services, Housing and Urban Development and Veterans Affairs joined DHS in receiving failing scores.
For the complete security report card, go to www.gcn.com and enter 374 in the GCN.com/search box.