Network World
Thursday, November 12, 2009
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

The federal government's 2005 security grades

Related links

Security Notes RSS feed

E-mail Ellen Messmer

Security Notes archive.

Security forum
Discuss Security Notes and other Security topics.


Remember how it used to feel when your school's year-end report cards went out and you wondered how you'd do, especially in respect to your peers? Well, in Congress yesterday, the House Government Reform Committee handed out the annual cyber-security grades to 24 large federal agencies, based on reviews carried out by the Office of Budget and Management (OMB). The average cyber-security score? D+

That D+ was the average grade for the year 2004 as well when the House Government reform Committee last handed out cyber-security grades, a ritual that has gone on since 2001, when the average grade was F.

If this were school, the federal government would have to repeat a year. Every year.

So which agencies are weighing down the national cybersecurity average with an "F"? They are: The Dept. of Agriculture, the Department of Defense, Dept. of Energy, Health and Human Services, Dept. of Homeland Security, Dept. of the Interior, the State Department and the Dept. of Veterans Affairs.

There were a few high achievers, though too, agencies that got between an A+ to B-. These few agencies are: Agency for International Development, Environmental Protection Agency, General Services Administration, Dept. of Labor, National Science Foundation, Officer of Personnel Management and the Social Security Administration.

It's particulary depressing that agencies with direct responsibility for national security--the Defense Dept. and Dept. of Homeland Security, and State--can't pass cybersecurity examinations based on the rules of the Federal Information Security Mnagament Act.

Back to Security Notes

Comments

Post a comment

Name:


E-mail address:


URL:


Comments:


Remember info?