Evans: 'People are losing data'

OMB memo on reporting loss of data

Related Links

Between July and Sept. 30, agencies reported 338 separate security incidents involving personally identifiable information to the Office of Management and Budget, Karen Evans, OMB’s administrator for e-government and information technology, said today.

Many of the incidents, however, are not attacks on government information from outsiders, Evans said in a speech at the IT Association of America’s annual Chief Information Security Officer Workshop in Falls Church, Va.

“Primarily, people are losing data,” she said.

The trend affects agencies’ internal processes, such as how information is handled and who can access it. OMB has required agencies to reassess their processes. It wants them to consider what employees and contractors have remote access to information and how the agencies secure it. OMB also wants agencies to continue to review risk associated with their offered services.

In her speech, Evans gave some preliminary statistics on information security. OMB’s analysis shows that the percentage of agencies’ systems that met accreditation and certification standards increased from 85 percent in fiscal 2005 to 88 percent in fiscal 2006. The percentage of agencies’ systems with contingency plans in 2005 was at 61 percent, and in 2006 it was boosted to 78 percent.

Last year, inspectors general gave 17 agencies’ accreditation and certification reports a satisfactory or better rating, and in 2006, 19 agencies received such ratings, Evans said.

OMB will release the final edition of its annual Federal Information Security Management Act report in March.

OMB issued a memo July 12 revising incident reporting rules to state that agencies must report losses of personally identifiable information within an hour of discovery to the Homeland Security Department. Moreover, those reports should not distinguish between suspected and confirmed incidents, according to memo.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.