[ISN] IG: State Department flunks systems security

From: InfoSec News (isnat_private)
Date: Sun Nov 03 2002 - 22:29:44 PST

  • Next message: InfoSec News: "[ISN] Popular Linksys Router Vulnerable to Attack"

    Forwarded from: William Knowles <wkat_private>
    By Wilson P. Dizard III 
    GCN Staff
    The State Department's information system security remains weak a year 
    after the department was told of serious flaws, according to a recent 
    report by the State inspector general's office. The IG reviewed system 
    security in accordance with the Government Information Security Reform 
    Act, which calls for annual reviews. Even though State made a plan for 
    certifying and accrediting its systems, it has no timetable, according 
    to the IG. 
    Department officials had certified and accredited only 4 percent of 
    systems by August, the report said. In addition, even though 72 
    percent of the department's 358 systems have security classifications, 
    only 15 percent have security plans, it said. 
    Investigators also found problems at overseas posts, where the 
    information system security officers "generally were not performing 
    all the requisite duties," the report said. None of the 11 posts 
    visited by the investigators had information security plans, according 
    to the report, which also criticized poor management, technical and 
    operational controls that increase "the risk to mission operations." 
    The IG's office said it will make recommendations to correct the 
    problems. State officials did not respond to repeated requests for 
    comment on the report. 
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Nov 04 2002 - 00:50:39 PST