Network News

X My Profile
View More Activity

Grading DHS's Cyber-Security Efforts

The Department of Homeland Security today received more lumps for failing to implement programs to protect the nation's most vital computer systems from attack or disruption. The Government Accountability Office issued a report today concluding that the department's failure to make meaningful progress on its myriad cyber-security programs was due largely to organizational and staffing problems.

Not that this comes as a surprise to anyone who's tracked the department's languid progress on implementing the Bush administration's National Strategy to Secure Cyberspace, released in Feb. 2003 as a blueprint for hardening the electronic defenses around computers that power the nation's most important systems -- including power, water, sewer and telecommunications networks.

The GAO said nobody can reasonably expect Homeland Security to get moving on these tasks until it confronts and resolves the underlying problems of "achieving organizational stability, gaining organizational authority, overcoming hiring and contracting issues, increasing awareness about cyber-security roles and capabilities, establishing effective partnerships with stakeholders (i.e. other federal, state, and local governments and the private sector), achieving two-way information sharing with these stakeholders, and providing and demonstrating the value DHS can provide."

Homeland Security has come under fire in the past for not making cyber-security a higher priority. The department has seen several smart, dedicated people leave key cyber-security posts because of a perceived lack of authority given to those positions (see my previous reporting).

Already, lawmakers on Capitol Hill are moving to correct some of the problems outlined by the GAO. Last week, the House of Representatives voted 424-4 to create an assistant secretary for cyber-security at DHS, a step supporters say should ensure that the department's cyber-security priorities get the attention and funding they so rightly deserve.

DHS, by the way, helps run the US-CERT Web site, which includes computer security tips for businesses, ordinary computer users and government workers.

By Brian Krebs  |  May 26, 2005; 5:07 PM ET
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Before You Buy That Anti-Spyware Program
Next: Photos to Fight Phishing?


Well this is good news, but I doubt that this new assistant secretary is going to be the savior people in DHS, Congress and the National Cyber Security Division hope it's going to be.

What cybersecurity really needs is someone back on the National Security Council who will bring attention to cybersecurity issues, and has the energy (but not the lunacy) of Richard Clarke.

Posted by: cautiously optimistic | May 27, 2005 11:15 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company