IG: State Department flunks systems security

IG: State Department flunks systems security

The State Department's information system security remains weak a year after the department was told of serious flaws, according to a recent report by the State inspector general's office. The IG reviewed system security in accordance with the Government Information Security Reform Act, which calls for annual reviews. Even though State made a plan for certifying and accrediting its systems, it has no timetable, according to the IG.

Department officials had certified and accredited only 4 percent of systems by August, the report said. In addition, even though 72 percent of the department's 358 systems have security classifications, only 15 percent have security plans, it said.

Investigators also found problems at overseas posts, where the information system security officers 'generally were not performing all the requisite duties,' the report said. None of the 11 posts visited by the investigators had information security plans, according to the report, which also criticized poor management, technical and operational controls that increase 'the risk to mission operations.'

The IG's office said it will make recommendations to correct the problems. State officials did not respond to repeated requests for comment on the report.

Featured

  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.