IG: State Department flunks systems security

IG: State Department flunks systems security

The State Department's information system security remains weak a year after the department was told of serious flaws, according to a recent report by the State inspector general's office. The IG reviewed system security in accordance with the Government Information Security Reform Act, which calls for annual reviews. Even though State made a plan for certifying and accrediting its systems, it has no timetable, according to the IG.

Department officials had certified and accredited only 4 percent of systems by August, the report said. In addition, even though 72 percent of the department's 358 systems have security classifications, only 15 percent have security plans, it said.

Investigators also found problems at overseas posts, where the information system security officers 'generally were not performing all the requisite duties,' the report said. None of the 11 posts visited by the investigators had information security plans, according to the report, which also criticized poor management, technical and operational controls that increase 'the risk to mission operations.'

The IG's office said it will make recommendations to correct the problems. State officials did not respond to repeated requests for comment on the report.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected