Feds get low information security grades from CSIA
Despite some steps to improve the national information security infrastructure, the federal government earned low grades in the subject from one advocacy group.
The Cyber Security Industry Alliance (CSIA) gave the federal government a "D" in three prominent information security areas: security of sensitive information, security and resiliency of critical information infrastructure and federal information assurance.
The organization also urged the Bush Administration and Congress to implement legislation to protect sensitive information and critical infrastructure.
Recent personal information exposures should cue lawmakers to do more to protect consumers’ personal data, Liz Gasster, CSIA acting executive director and general counsel, told SCMagazine.com today.
"What we are really talking about here is the need for a comprehensive approach to protect personal data, wherever that data might be," she said. "Congress could take a huge step by passing a law that would protect data wherever it might rest, and it would benefit the public sector and the private sector."
The CSIA gave the feds poor grades on securing sensitive information because Congress failed to pass a comprehensive law protecting personal data, and a "D" on protecting critical infrastructure because the U.S. Department of Homeland Security (DHS) has not offered a clear agenda on cybersecurity priorities or established a coordination network.
The government fared poorly on information assurance because it needs improvement in "procurement, resolving systemic telework issues and releasing information on the cost of cyberattacks," according to a CSIA statement.
The organization called on Congress to pass a comprehensive federal breach notification act and work with the administration to strengthen the Federal Information Security Management Act.
The CSIA also urged DHS to establish cybersecurity and telecommunications priorities.
Click here to email Online Editor Frank Washkuch Jr.