By Robert Lemos, 10 December 2003 09:20
NEWS US federal departments and agencies are showing some improvement in protecting their computer networks, but many - including the Department of Homeland Security - are failing, according to a US government report released on Tuesday.
The report, prepared for the House of Representatives' Committee on Government Reform, found that almost all agencies had improved their computer-security grade since last year. However, several key federal departments continued to fail to adequately protect their networks and earned an "F."
"For too long now information security has taken a back seat in the collective conscience (sic) of our nation," said a statement from Tom Davis, the committee chairman. "We must come to the stark realisation that a major Achilles heel is our computer networks."
Overall, the government earned a "D" on this year's report card. In 2002, it was given an "F."
Two agencies, the Department of Health and Human Services and the National Aeronautics and Space Administration, slipped in the rankings since 2002. The newest department in the federal government, the Department of Homeland Security, got off to a bad start with an overall "F" for its computer security, despite the fact that securing the nation's network is part of its mission.
Davis took the private sector to task for poor security overall as well.
"The culture of our top-level chief executives in the private sector, and top executives in government, must be changed," he said in the statement. "We must get those at the very top, the decision makers, the ones accountable to the shareholders, the customers or the electorate, to recognise that lack of network security in an organisation is a material weakness and one that deserves necessary resources and immediate action."
This year, two agencies earned an "A": the Nuclear Regulatory Commission and the National Science Foundation. Ironically, a privately maintained nuclear reactor under the NRC's jurisdiction suffered an attack by the Slammer worm in early 2003.
The agencies' rankings can be found on the Committee on Government Reform's website.
Robert Lemos writes for CNET News.com
Comments
There is 1 comment. Join the discussion
1. Joe Papp
Yes! This 50 year old engineer, in the Midwest has grave concerns about the security of the Internet.
90% of my work DEPENDS on the Intranet and the company Intranet these days.
There is strong indication that SPAM is NOT just "junk mail", but part of an external effort to probe the domestic military/industrial/commercial Internet to gather data for attacking it.
I've written Homeland Security, but this is only in the last week (End of Jan, 2004) so the lack of response is not trouble (yet).
I think it is time for HACKERS OF THE USA to UNITE! And do their part to make up for the "computer illiterates" in the gum-mint..