GCN Tech Blog

By GCN Staff

Blog archive

Latest FISMA grades leave more to be desired

The Washington Post (which is owned by the same company that owns GCN) reported last night that the FISMA grades coming out today are less than impressive. Overall, government gets a D+ for network security, which is the same grade it got last year.

The grades, which are handed out by the House Government Reform Committee, are meant to reflect federal agencies' IT security postures, although some experts say agencies spend so much time and money just trying to meet Federal Information Security Management Act standards that they can't actually spend resources on protecting their networks. GCN's own IT security expert William Jackson has written often about FISMA grades.

In a statement released today, Bruce Brody, vice president for information security at research firm Input Inc., said, "FISMA has become a largely paperwork drill among the departments and agencies, consuming an inordinate amount of resources for reporting progress while putting in place very little in the way of actual security improvements."

According to the Post story, nine departments failed the FISMA security test, including Agriculture, Defense, Energy and Homeland Security--not exactly the federal agencies you want employing lax IT security.

The committee is prepared to hand A+ grades to the Agency for International Development, EPA, the Labor Department, Office of Personnel Management and the Social Security Administration, according to the Post.

OPM has steadily improved over the years, pulling down an F in 2001, when the committee started handing out the grades, improving to a C- in 2004, and now landing at the top of the class. EPA has shown a similar rise.

More to come at GCN.com.

Posted by Brad Grimes

Posted by Brad Grimes, Joab Jackson on Mar 16, 2006 at 9:39 AM


Featured

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    OPM nominee plans focus on telework, IT, retirement

    Kiran Ahuja, a veteran of the Office of Personnel Management, told lawmakers that she thinks that the lack of consistent leadership in the top position at OPM has taken a toll on the ability of the agency to complete longer term IT modernization projects.

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

Stay Connected