VA still struggling with security

VA Information Technology: Progress Made, But Continued Management Attention Is Key to Achieving Results

The Department of Veterans Affairs has taken major strides toward creating a modern infrastructure but still has a long way to go to protect its computer systems and sensitive data about veterans, according to a General Accounting Office report released March 13.

Listing both the good marks and the failing ones, GAO said the agency has benefited from VA Secretary Anthony Principi's commitment to strengthening information technology. It has taken key steps to lay the groundwork for enterprise architecture — a blueprint for its information systems — and has worked hard to strengthen information security management.

"However, VA continues to report pervasive and serious information security weaknesses," the report said.

It also is unclear whether the VA's computer security management program is strong enough to "protect its computer systems, networks and sensitive veterans health care and benefits data from unnecessary exposure to vulnerability and risks," the report said.

The VA has been spending about $1 billion a year on IT for the past decade. President Bush is seeking $1.35 billion for the agency's IT budget for fiscal 2003. But some of its systems have problems, and information security remains the agency's biggest challenge.

"We want to know if the VA is spending IT money wisely," Rep. Steve Buyer (R-Ind.), chairman of the House Veterans' Affairs Committee's Oversight and Investigations Subcommittee, said at a hearing March 13.

John Gauss, the VA's assistant secretary for IT, told the panel that the VA is making progress in several critical cybersecurity areas. Among them:

* A VA-wide firewall policy to protect the boundaries of the VA system from external attack.

* An antivirus software across the entire department.

Nevertheless, he acknowledged that the VA had not taken advantage of available technology to ensure continuity of operations in the event of a disruption.

"There is much to be done in this area," Gauss said.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.