Feds get low information security grades from CSIA

Share this article:

Despite some steps to improve the national information security infrastructure, the federal government earned low grades in the subject from one advocacy group.

The Cyber Security Industry Alliance (CSIA) gave the federal government a "D" in three prominent information security areas: security of sensitive information, security and resiliency of critical information infrastructure and federal information assurance.

The organization also urged the Bush Administration and Congress to implement legislation to protect sensitive information and critical infrastructure.

Recent personal information exposures should cue lawmakers to do more to protect consumers’ personal data, Liz Gasster, CSIA acting executive director and general counsel, told SCMagazine.com today.

"What we are really talking about here is the need for a comprehensive approach to protect personal data, wherever that data might be," she said. "Congress could take a huge step by passing a law that would protect data wherever it might rest, and it would benefit the public sector and the private sector."

The CSIA gave the feds poor grades on securing sensitive information because Congress failed to pass a comprehensive law protecting personal data, and a "D" on protecting critical infrastructure because the U.S. Department of Homeland Security (DHS) has not offered a clear agenda on cybersecurity priorities or established a coordination network.

The government fared poorly on information assurance because it needs improvement in "procurement, resolving systemic telework issues and releasing information on the cost of cyberattacks," according to a CSIA statement.

The organization called on Congress to pass a comprehensive federal breach notification act and work with the administration to strengthen the Federal Information Security Management Act.

The CSIA also urged DHS to establish cybersecurity and telecommunications priorities.

Click here to email Online Editor Frank Washkuch Jr.

Share this article:

Sign up to our newsletters

More in News

Virgin Media email blunder leads to breach affecting 130k

The message snafu affected only customers with a Virgin.net account.

German Aerospace Center discovers spy malware on network

The possibly foreign malware affected all computer systems and left little for investigators to work from because it was designed to self-destruct.

A Starbucks scam is brewing, phishing emails contain Zeus attachment

Emails purporting to come from Starbucks actually come attached with a modified version of the Zeus banking trojan, but numerous spelling and grammar mistakes should give the scam away.