Computer security grades improve slightly

The government's overall information security grade has improved from a C-minus to a C, according to the Federal Information Security Management Act's score card.


The score card compared the years 2006 and 2007. The House Oversight and Government Reform Committee issues the annual score card based on agency reports required by the 2002 FISMA law.


Although the government's score has improved since the first score cards reported failing grades, Rep. Tom Davis (R-Va.), the ranking minority member on the committee, said it's not adequate.


“We need to seriously consider incentives for agency success and funding penalties and personnel reforms for agencies that don’t measure up," he said. "We need a bill with teeth, and we need agencies to understand the goal is to keep information safe, not to check a statutory box.”


Although the government average is in the middle, most individual agencies showed either great success or failure. Averaging the extremes led to the C average.


The departments and agencies that scored A-minus, A or A-plus were:



  • Justice Department



  • Agency for International Development



  •  Environmental Protection Agency



  • National Science Foundation



  • Social Security Administration



  • Housing and Urban Development Department



  • Office of Personnel Management



  • General Services Administration


Departments, commissions and agencies with F grades were:



  • Transportation Department



  • Labor Department



  • Defense Department



  • Interior Department



  • Treasury Department



  • Nuclear Regulatory Commission



  • Veterans Affairs Department



  • Agriculture Department

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected