GCN Tech Blog

By GCN Staff

Latest FISMA grades leave more to be desired

The Washington Post (which is owned by the same company that owns GCN) reported last night that the FISMA grades coming out today are less than impressive. Overall, government gets a D+ for network security, which is the same grade it got last year.

The grades, which are handed out by the House Government Reform Committee, are meant to reflect federal agencies' IT security postures, although some experts say agencies spend so much time and money just trying to meet Federal Information Security Management Act standards that they can't actually spend resources on protecting their networks. GCN's own IT security expert William Jackson has written often about FISMA grades.

In a statement released today, Bruce Brody, vice president for information security at research firm Input Inc., said, "FISMA has become a largely paperwork drill among the departments and agencies, consuming an inordinate amount of resources for reporting progress while putting in place very little in the way of actual security improvements."

According to the Post story, nine departments failed the FISMA security test, including Agriculture, Defense, Energy and Homeland Security--not exactly the federal agencies you want employing lax IT security.

The committee is prepared to hand A+ grades to the Agency for International Development, EPA, the Labor Department, Office of Personnel Management and the Social Security Administration, according to the Post.

OPM has steadily improved over the years, pulling down an F in 2001, when the committee started handing out the grades, improving to a C- in 2004, and now landing at the top of the class. EPA has shown a similar rise.

More to come at GCN.com.

Posted by Brad Grimes, Joab Jackson on Mar 16, 2006 at 9:39 AM

