Most US federal agencies have received low grades for
failing to protect their computer networks from hackers and other
cyberterrorists for the fourth year in a row.
The report card, issued by the US House Government Reform
Subcommittee on Technology, graded agencies on their progress in
complying with the Federal Information Security Act of 2002, which
requires federal agencies to submit data on their computer security
programs to the Office of Management and Budget every
September.
The Department of Homeland Security was one of eight agencies
that received a grade F for its network security efforts. In 2002,
13 agencies received a failing grade.
DHS officials could not be reached for comment.
The Department of Justice, as well as the departments of Energy,
Health and Human Services, Interior, Agriculture, Housing and Urban
Development, and State also received failing grades.
On the other end of the scale, two agencies received an A or A-
score: the Nuclear Regulatory Commission and the National Science
Foundation. The Social Security Administration received a B+, and
the Department of Labor got a B.
"Obviously, the fact that the federal government has moved from
an overall score of F to D and 14 agencies showed improvement in
their scores is a positive sign," said Bob Dix, the subcommittee's
staff director.
However, he added, the fact that there are still eight agencies
with failing grades indicated the issue has not been given the
priority it deserves.
"While some of the agencies provided evidence of strong support
by virtue of the strong scores they got, others continue to have
failing grades, which is evidence that they haven't given the
proper attention to this issue," Dix said. "We are just not doing
enough to achieve the results that we must achieve."
Linda Rosencrance writes for
Computerworld