Letter to the editor

Why is information technology security a problem? Nothing gets management's attention unless it is bleeding or causing adverse publicity. Therefore, IT security will get no attention unless it is causing mission problems or getting bad publicity. Management will not give resources to anything that doesn't "squeak" louder than other issues.

No agency is doing a decent job of training personnel in IT security issues. High cost; therefore, only token effort.

Note: The Computer Security Act has been in effect for 15 years, but to this day, most agencies have (at best) implemented only small pieces of the requirements of this act. Life cycle management — truly integrating IT security into the whole process — isn't happening.

Congress does a great job of mandating certain actions or activities, then providing zero resources to the agencies to actually implement the activities. If the Hill truly wants something done, they must be prepared to fund them. They can always find resources for some pork project that only benefits a few representatives or senators.

Very few agencies have a comprehensive IT security policies and procedures document. Fewer still have actually communicated that document to the offices that must implement it. Fewer still provide the authority to the IT security manager to enforce the implementation.

So, why do we have problems with IT security??? Sigh!

Too many managers think that IT security is firewalls or intrusion-detection systems. It isn't. There are several others that are important, but you get the idea.

Name withheld by request

WRITE US

We welcome your comments. To send a letter to the editor, use this form.

Please check out the archive of Letters to the Editor for fellow readers' comments.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.