Wednesday, April 11, 2007

Government computer security grade improves to C-

A Washington Post column by Brian Krebs reports that government-wide grades will be released tomorrow.

The grades are based on the agencies' internal assessments and information they are required to submit annually to the White House Office of Management and Budget. The letter grades depended on how well agencies met the requirements detailed in the Federal Information Security Management Act.

The 2003 law, known as FISMA, requires agencies to meet a wide variety of computer security standards, ranging from operational details -- such as ensuring proper password management by workers and restricting employee access to sensitive networks and documents -- to creating procedures for reporting security problems.

It would be nice to think that American industry did even this well.

Updated 4/12/07 to add: Here's a link to the report card itself.
Department of Homeland Security: D.
Department of Defense: F.
Nuclear Regulatory Comission: F.
Department of Treasury: F.

Do you feel safer now?

Labels: , , , ,


Post a Comment