DHS failing to secure data despite $322m security spend
- Author:
- Anthony Savvas
- Posted:
- 13:02 22 Jun 2007
- Topics:
- Data Management | Security | Networking | Security Flaws & Exploits | Viruses & Virus Protection | Business Continuity | e-mail
The US Department of Homeland Security, which sets the benchmark for IT security practice in America, suffered more than 840 IT security lapses in 2005 and 2006, despite spending $332m on IT security this year.
This emerged during Congressional hearings on the DHS’s lapses. These included Trojan infections, sending classified e-mails over unprotected networks, hard copies of user IDs and passwords for a local network administrator, and unauthorised attachment of personal digital devices to DHS networks.
At the hearing, Government Accountability Office (GAO) auditors damned the DHS’s US-Visit programme, which is meant to keep out undesirable visitors by using biometric identity measures. The GAO said sensitive personal information was at risk unless DHS fixed “pervasive” IT-security flaws.
GAO auditor Keith Rhodes told the hearing he did not find anti-hacking controls, defensive perimeters, or intrusion or change detection measures.
US Homeland Security condemned as insecure >>
Zitz put in charge of cybersecurity at DHS >>
Comment on this article: computer.weekly@rbi.co.uk
