Evans: 'People are losing data'

OMB memo on reporting loss of data

Related Links

Between July and Sept. 30, agencies reported 338 separate security incidents involving personally identifiable information to the Office of Management and Budget, Karen Evans, OMB’s administrator for e-government and information technology, said today.

Many of the incidents, however, are not attacks on government information from outsiders, Evans said in a speech at the IT Association of America’s annual Chief Information Security Officer Workshop in Falls Church, Va.

“Primarily, people are losing data,” she said.

The trend affects agencies’ internal processes, such as how information is handled and who can access it. OMB has required agencies to reassess their processes. It wants them to consider what employees and contractors have remote access to information and how the agencies secure it. OMB also wants agencies to continue to review risk associated with their offered services.

In her speech, Evans gave some preliminary statistics on information security. OMB’s analysis shows that the percentage of agencies’ systems that met accreditation and certification standards increased from 85 percent in fiscal 2005 to 88 percent in fiscal 2006. The percentage of agencies’ systems with contingency plans in 2005 was at 61 percent, and in 2006 it was boosted to 78 percent.

Last year, inspectors general gave 17 agencies’ accreditation and certification reports a satisfactory or better rating, and in 2006, 19 agencies received such ratings, Evans said.

OMB will release the final edition of its annual Federal Information Security Management Act report in March.

OMB issued a memo July 12 revising incident reporting rules to state that agencies must report losses of personally identifiable information within an hour of discovery to the Homeland Security Department. Moreover, those reports should not distinguish between suspected and confirmed incidents, according to memo.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.