The Department of Homeland Security isn’t all that secure… at least
when it comes to its computer systems.
The Committee on Government Reform gave the agency, which in the
aftermath of the Sept. 11 terrorist attacks was charged with protecting
the nation from threats, a failing grade for network security the second
year in a row Thursday. And DHS wasn’t the only U.S. federal agency to
receive a poor mark in what has become an annual report card on federal
computer security.
Overall, the government received a D+.
Five of the 24 agencies, including the Department of Commerce and the
Treasury Department, received D grades. Eight of them, including the
Department of Justice, the Department of Defense and the State Department
all failed. The Department of Health and Human Services, which would
manage the country’s response to the bird flu if it came within U.S.
borders, also received an F.
On the other side of the grading curve, seven agencies, including the
Department of Labor, the Social Security Administration and the
Environmental Protection Agency, received A grades.
”This year, the federal government, as a whole, hardly improved,
receiving a D+ yet again,” Rep. Tom Davis (R-Va.), chairman of the House
Government Reform Committee, told a hearing on Capitol Hill yesterday.
”Our analysis reveals that the scores for the Departments of Defense,
Homeland Security, Justice, State — the agencies on the front line in
the war on terror — remain unacceptably low or dropped precipitously.”
The results are from the fourth-annual network security review of
government agencies under the Federal Information Security Management Act
(FISMA).
This year, 10 agencies showed improvement with the National Aeronautics
and Space Administration, for instance, raising its score from a D- in
2004 to a B- in 2005.
Eight agencies received a worse grade this time around. The Department of
Justice went from a B- in 2004 to a D in 2005, and the Nuclear Regulatory
Commission dropped from a B+ to a D-.
Five agencies, including DHS, the Department of Veterans Affairs and the
Department of Energy, maintained a failing grade year over year.
Davis said the committee is concerned about several specific areas of
network security: specialized training for workers with significant
security responsibilities, inconsistent incident reporting,
implementation of configuration management policies, annual testing of
security controls and agency responsibility for contractor systems.
Gregory C. Wilshusen, director of Information Security Issues at the U.S.
Government Accountability Office, told those at the hearing that
information security has long been identified as a government-wide,
high-risk issue.
”For many years, we have reported that poor information security is a
widespread problem that has potentially devastating consequences,” he
said. ”The degree of risk caused by security weaknesses is high. The
weaknesses we identified place a broad array of federal operations and
assets at risk.”
Wilshusen pointed to problems with many agencies’ contingency plans.
”Agencies reported that only 61 percent of their systems had tested
contingency plans, thereby reducing assurance that agencies will be able
to recover from the disruption of those systems with untested plans,” he
said. ”Although this number continues to show small increases each year
since 2003… five agencies reported less than 50 percent of their
systems had tested contingency plans.”
Another report released Thursday by INPUT, a Reston, Va.-based analyst
firm and consultancy focused on government business, also gave the
government dismal computer security marks.
The report called FISMA ”largely ineffective”.
”FISMA has become a largely paperwork drill among the departments and
agencies, consuming an inordinate amount of resources for reporting
progress, while putting in place very little in the way of actual
security improvements,” Bruce Brody, vice president of information
security at INPUT, said in a written statement.
Scott Charbo, chief information officer of the Department of Homeland
Security, was upbeat in his statement in front of the hearing, despite
his agency’s results on this year’s score card.
”The department’s [information security] program has come a long way in
just three short years,” he said, adding that the agency’s work has
”paved the way for real and measurable cyber security improvements in
the near future… I am confident that the DHS Information Security
Program is moving in the right direction.”
Chairman Davis, though, voiced his concerns in his opening statement.
”If FISMA was the No Child Left Behind Act, a lot of critical agencies
would be on the list of ‘low performers’,” he said. ”None of us would
accept D+ grades on our children’s report cards. We can’t accept these
either.”
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.