DHS failing to secure data despite $322m security spend


DHS failing to secure data despite $322m security spend

Antony Savvas

The US Department of Homeland Security, which sets the benchmark for IT security practice in America, suffered more than 840 IT security lapses in 2005 and 2006, despite spending $332m on IT security this year.

This emerged during Congressional hearings on the DHS’s lapses. These included Trojan infections, sending classified e-mails over unprotected networks, hard copies of user IDs and passwords for a local network administrator, and unauthorised attachment of personal digital devices to DHS networks.

At the hearing, Government Accountability Office (GAO) auditors damned the DHS’s US-Visit programme, which is meant to keep out undesirable visitors by using biometric identity measures. The GAO said sensitive personal information was at risk unless DHS fixed “pervasive” IT-security flaws.

GAO auditor Keith Rhodes told the hearing he did not find anti-hacking controls, defensive perimeters, or intrusion or change detection measures.

US Homeland Security condemned as insecure >>

Zitz put in charge of cybersecurity at DHS >>

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy