Evans: 'People are losing data'

OMB memo on reporting loss of data

Related Links

Between July and Sept. 30, agencies reported 338 separate security incidents involving personally identifiable information to the Office of Management and Budget, Karen Evans, OMB’s administrator for e-government and information technology, said today.

Many of the incidents, however, are not attacks on government information from outsiders, Evans said in a speech at the IT Association of America’s annual Chief Information Security Officer Workshop in Falls Church, Va.

“Primarily, people are losing data,” she said.

The trend affects agencies’ internal processes, such as how information is handled and who can access it. OMB has required agencies to reassess their processes. It wants them to consider what employees and contractors have remote access to information and how the agencies secure it. OMB also wants agencies to continue to review risk associated with their offered services.

In her speech, Evans gave some preliminary statistics on information security. OMB’s analysis shows that the percentage of agencies’ systems that met accreditation and certification standards increased from 85 percent in fiscal 2005 to 88 percent in fiscal 2006. The percentage of agencies’ systems with contingency plans in 2005 was at 61 percent, and in 2006 it was boosted to 78 percent.

Last year, inspectors general gave 17 agencies’ accreditation and certification reports a satisfactory or better rating, and in 2006, 19 agencies received such ratings, Evans said.

OMB will release the final edition of its annual Federal Information Security Management Act report in March.

OMB issued a memo July 12 revising incident reporting rules to state that agencies must report losses of personally identifiable information within an hour of discovery to the Homeland Security Department. Moreover, those reports should not distinguish between suspected and confirmed incidents, according to memo.

Featured

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

  • Comment
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    Doing digital differently at VA

    The Department of Veterans Affairs CIO explains why digital transformation is not optional.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.