GCN Tech Blog

By GCN Staff

Latest FISMA grades leave more to be desired

The Washington Post (which is owned by the same company that owns GCN) reported last night that the FISMA grades coming out today are less than impressive. Overall, government gets a D+ for network security, which is the same grade it got last year.

The grades, which are handed out by the House Government Reform Committee, are meant to reflect federal agencies' IT security postures, although some experts say agencies spend so much time and money just trying to meet Federal Information Security Management Act standards that they can't actually spend resources on protecting their networks. GCN's own IT security expert William Jackson has written often about FISMA grades.

In a statement released today, Bruce Brody, vice president for information security at research firm Input Inc., said, "FISMA has become a largely paperwork drill among the departments and agencies, consuming an inordinate amount of resources for reporting progress while putting in place very little in the way of actual security improvements."

According to the Post story, nine departments failed the FISMA security test, including Agriculture, Defense, Energy and Homeland Security--not exactly the federal agencies you want employing lax IT security.

The committee is prepared to hand A+ grades to the Agency for International Development, EPA, the Labor Department, Office of Personnel Management and the Social Security Administration, according to the Post.

OPM has steadily improved over the years, pulling down an F in 2001, when the committee started handing out the grades, improving to a C- in 2004, and now landing at the top of the class. EPA has shown a similar rise.

More to come at GCN.com.

Posted by Brad Grimes, Joab Jackson on Mar 16, 2006 at 9:39 AM

