EDITOR'S DESK: Feds score one
Amid all the recent coverage of government failings, it was easy to miss one piece of promising news where federal IT officials outmanaged many of their commercial-world counterparts.
Their success came in the latest round of cyberattacks, when the Zotob computer worm cut a wide swath across commercial networks, including systems at CNN, ABC News and the New York Times. But when the worst was over, federal IT systems had withstood the attacks with flying colors.
Agencies reported fewer than 200 incidents among the hundreds of thousands of systems that run Windows 2000; most agencies experienced little'if any'im-pact on their networks.
Much of the credit goes to federal information security managers for their heightened readiness and management discipline these days.
Both are critical, especially on the second Tuesday of each month'Patch Tuesday'when Microsoft issues patches to its products. In what is becoming the ultimate global computer game'but where the stakes are real'IT security managers must race the clock against the threat that hackers will exploit Microsoft's latest vulnerabilities faster than they can be fixed. That was the case with Zotob.
The real challenge for federal IT managers isn't just installing the patches across far-flung systems, it's figuring out how to install them with the least possible disruption. That isn't easy on any network. Managing the process across an enterprise as large as the federal government is another story altogether.
Many will credit the Federal Information Security Management Act for raising awareness about network security, and rightly so. And much more must still be done to tighten cybersecurity gaps. But this latest victory reflects the genuine progress federal IT managers have made in configuration management, building security requirements into contracts and managing the processes that guard against attacks that have crippled thousands of federal systems in the past.
Wyatt Kash served as chief editor of GCN (October 2004 to August 2010) and also of Defense Systems (January 2009 to August 2010). He currently serves as Content Director and Editor at Large of 1105 Media.