Homeland Security network gets an F

Mar 21, 2006

If the Department of Homeland Security were a high school student, it would be in severe danger of getting left back. For the second consecutive year the department has received a failing grade from the House Government Reform Committee for network security. The government as a whole received a D-plus, the same grade as last year.

Paul Kurtz, executive director of the Cyber Security Industry Alliance, said in a news release that the grades draw attention to something that's been a problem for a while.

"This report makes clear that major government agencies continue to run in place and make no appreciable progress," he said.

Kurtz said that the lack of progress for Homeland Security is especially bad as they are supposed to be a security leader among federal agencies.

"This begs the question: What can be done about the state of DHS cyber-security?" he said. "Hopefully they can make significant improvements before a major catastrophe."

"This year, the federal government as a whole hardly improved, receiving a D-plus yet again," said Rep. Tom Davis, R-Va., chairman of the committee. "Our analysis reveals that the scores for the Departments of Defense, Homeland Security, Justice, State -- the agencies on the front line in the war on terror -- remain unacceptably low or dropped precipitously."

Kurtz said that the committee's efforts in "holding agencies' feet to the fire" helped bring attention to poor security efforts.

Scot Montrey, communications director for the Cyber Security Industry Alliance, said that the committee's attempt to grade federal agencies on network security is useful in publicizing problems that arise.

"It's good that this is out there," Montrey said. "It's forcing the agencies to look at the issues, and creating accountability."

Montrey said that Homeland Security's grade should be especially noteworthy.

"A lot of time has gone by now" since the department's creation, he said. "It's time to start seeing some results."

According to Montrey, the lack of progress in grades among the entire government is a particular concern given how quickly new technology can bring about new threats in the form of cybercrime, spam and phishing.

"Even if everything is perfectly static, threats are continuing to rise," he said.

Montrey said that it would be beneficial for the Council of Europe's Convention on Cybercrime to finally move forward and get enacted by the U.S. Government.

The convention is merely awaiting a vote on the Senate floor. Two senators have anonymously placed holds on the convention to keep it from coming to a vote.

Montrey said that there's no obvious reason why a senator would want to keep the Convention on Cybercrime from coming to a vote.

"There are not a lot of substantive controversies to it," he said.

Montrey said the convention does not change any current U.S. law on cybercrime but codifies work between U.S. law-enforcement agencies and those overseas in order to better fight cybercrime internationally.

As a world power, "the U.S. has a responsibility to show leadership here," he said.

In addition to the Departments of Homeland Security, Justice, State and Defense, the Department of Human Health Services also got a failing grade from the committee.

On the other side, the Department of Labor, the Social Security Administration and the Environmental Protection Agency were among seven agencies receiving a grade of A.

Copyright 2006 by United Press International

Explore further: Nvidia launches tablet for on-the-go gamers

add to favorites email to friend print save as pdf

Related Stories

Making progress on deforestation

Jun 24, 2014

In 2005, Brazil was losing more forest each year than any other country. The good news is that today, Brazil has reduced deforestation in the Amazon rainforest by 70 percent, according to a recent study. ...

Clean reviews preceded Target's data breach, and others

Apr 02, 2014

Trustwave Holdings gave Target Corp. the green light on payment card security last September, just weeks before malware installed on the retailer's networks began sucking up customer information in a mega data heist.

Study cites 'dangerous weak link' in nuke security

Jan 08, 2014

The number of countries possessing the makings of a nuclear bomb has dropped by almost one-quarter over the past two years, but there remain "dangerous weak links" in nuclear materials security that could be exploited by ...

Obsolete gadgetry can pile up, contributing to pollution

Jan 08, 2014

Christmas gifts of yesteryear meet an inglorious end at Absolute Green Electronics Recycling in Lake Forest, Calif. Computers are dismantled, the parts sorted into cardboard bins. One holds nothing but hard drives, another ...

Recommended for you

Google made failed bid for Spotify

4 hours ago

Internet titan Google tried last year to buy streaming music service Spotify but backed off for reasons including a whopping price tag, the Wall Street Journal reported on Tuesday.

Thieves got into 1,000 StubHub accounts

5 hours ago

(AP)—Cyber thieves got into more than 1,000 StubHub customers' accounts and fraudulently bought tickets for events through the online ticket reseller, a law enforcement official and the company said.

User comments : 0