Computer security grades improve slightly

The government's overall information security grade has improved from a C-minus to a C, according to the Federal Information Security Management Act's score card.


The score card compared the years 2006 and 2007. The House Oversight and Government Reform Committee issues the annual score card based on agency reports required by the 2002 FISMA law.


Although the government's score has improved since the first score cards reported failing grades, Rep. Tom Davis (R-Va.), the ranking minority member on the committee, said it's not adequate.


“We need to seriously consider incentives for agency success and funding penalties and personnel reforms for agencies that don’t measure up," he said. "We need a bill with teeth, and we need agencies to understand the goal is to keep information safe, not to check a statutory box.”


Although the government average is in the middle, most individual agencies showed either great success or failure. Averaging the extremes led to the C average.


The departments and agencies that scored A-minus, A or A-plus were:



  • Justice Department



  • Agency for International Development



  •  Environmental Protection Agency



  • National Science Foundation



  • Social Security Administration



  • Housing and Urban Development Department



  • Office of Personnel Management



  • General Services Administration


Departments, commissions and agencies with F grades were:



  • Transportation Department



  • Labor Department



  • Defense Department



  • Interior Department



  • Treasury Department



  • Nuclear Regulatory Commission



  • Veterans Affairs Department



  • Agriculture Department

About the Author

Technology journalist Michael Hardy is a former FCW editor.

Featured

  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected