Feds get low information security grades from CSIA

Share this article:

Despite some steps to improve the national information security infrastructure, the federal government earned low grades in the subject from one advocacy group.

The Cyber Security Industry Alliance (CSIA) gave the federal government a "D" in three prominent information security areas: security of sensitive information, security and resiliency of critical information infrastructure and federal information assurance.

The organization also urged the Bush Administration and Congress to implement legislation to protect sensitive information and critical infrastructure.

Recent personal information exposures should cue lawmakers to do more to protect consumers’ personal data, Liz Gasster, CSIA acting executive director and general counsel, told SCMagazine.com today.

"What we are really talking about here is the need for a comprehensive approach to protect personal data, wherever that data might be," she said. "Congress could take a huge step by passing a law that would protect data wherever it might rest, and it would benefit the public sector and the private sector."

The CSIA gave the feds poor grades on securing sensitive information because Congress failed to pass a comprehensive law protecting personal data, and a "D" on protecting critical infrastructure because the U.S. Department of Homeland Security (DHS) has not offered a clear agenda on cybersecurity priorities or established a coordination network.

The government fared poorly on information assurance because it needs improvement in "procurement, resolving systemic telework issues and releasing information on the cost of cyberattacks," according to a CSIA statement.

The organization called on Congress to pass a comprehensive federal breach notification act and work with the administration to strengthen the Federal Information Security Management Act.

The CSIA also urged DHS to establish cybersecurity and telecommunications priorities.

Click here to email Online Editor Frank Washkuch Jr.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

NIST finalizes cloud computing roadmap

NIST finalizes cloud computing roadmap

The NIST architecture is designed to accelerate the adoption of cloud computing.

Chinese MitM attack targets iCloud users

Chinese MitM attack targets iCloud users

The attack used a false certificate to trick iCloud users into handing over personal data and login credentials. With an attack of this size, some experts and researchers believe the ...

EPIC: driver data shared via V2V technology needs protection

The groups shared comments on V2V communications with the National Highway Traffic Safety Administration.