http://www.fcw.com/online/news/154026-1.html By Alice Lipowicz FCW.com October 8, 2008 The Homeland Security Department has taken steps to enhance information security, but its component agencies are lagging behind, according to a new report [1] from DHS Inspector General Richard Skinner. For example, 22 of 25 information technology systems audited at DHS component agencies were lacking detailed emergency configuration plans, management plans, security controls or incident handling procedures, the report states. In addition, 19 of the systems had incomplete contingency plans, and five systems did not follow guidelines for a federal standard. While the department has implemented a performance plan and made other improvements, “components are still not executing all of the department’s policies, procedures, and practices,” the inspector general concluded. “Management oversight of the components’ implementation of the department’s policies and procedures needs improvement in order for the department to ensure that all information security weaknesses are tracked and remediated, and enhance the quality of system certification and accreditation,” Skinner wrote. [1] http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_08-94_Sep08.pdf [...] __________________________________________________ Register now for HITBSecConf2008 - Malaysia! With a new triple-track conference featuring 4 keynote speakers and over 35 international experts, this is the largest network security event in Asia and the Middle East! http://conference.hackinthebox.org/hitbsecconf2008kl/Received on Thu Oct 09 2008 - 01:02:04 PDT
This archive was generated by hypermail 2.2.0 : Thu Oct 09 2008 - 01:16:17 PDT