GCN Tech Blog

By GCN Staff

Blog archive

Latest FISMA grades leave more to be desired

The Washington Post (which is owned by the same company that owns GCN) reported last night that the FISMA grades coming out today are less than impressive. Overall, government gets a D+ for network security, which is the same grade it got last year.

The grades, which are handed out by the House Government Reform Committee, are meant to reflect federal agencies' IT security postures, although some experts say agencies spend so much time and money just trying to meet Federal Information Security Management Act standards that they can't actually spend resources on protecting their networks. GCN's own IT security expert William Jackson has written often about FISMA grades.

In a statement released today, Bruce Brody, vice president for information security at research firm Input Inc., said, "FISMA has become a largely paperwork drill among the departments and agencies, consuming an inordinate amount of resources for reporting progress while putting in place very little in the way of actual security improvements."

According to the Post story, nine departments failed the FISMA security test, including Agriculture, Defense, Energy and Homeland Security--not exactly the federal agencies you want employing lax IT security.

The committee is prepared to hand A+ grades to the Agency for International Development, EPA, the Labor Department, Office of Personnel Management and the Social Security Administration, according to the Post.

OPM has steadily improved over the years, pulling down an F in 2001, when the committee started handing out the grades, improving to a C- in 2004, and now landing at the top of the class. EPA has shown a similar rise.

More to come at GCN.com.

Posted by Brad Grimes

Posted by Brad Grimes, Joab Jackson on Mar 16, 2006 at 9:39 AM


inside gcn

  • facial recognition tech (Artem Oleshko/Shutterstock.com)

    Biometric ID spots imposters at land crossing

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities

More from 1105 Public Sector Media Group