http://fcw.com/articles/2009/10/05/commerce-it-security-workforce.aspx By Matthew Weigelt FCW.com Oct 05, 2009 The Commerce Department has failed to take the basic steps to develop its workforce that oversees the security of the department.s information technology systems, a newly posted report [1] states. The department's management has not devoted enough attention and resources to training its IT security workers, according to an audit by the department's inspector general. The audit, dated Sept. 30, said officials haven.t assigned who's accountable for what IT security systems and many of Commerce's IT security officers don't have the required security clearances. Without that clearance, the officers may be kept from getting the full extent of a cyber attack because they aren.t privy to the information, the report states. "As a result, Commerce is at risk of not being satisfactorily prepared to protect its IT assets and information," wrote Brett Baker, the assistant IG for audit. The report recommends greater professional development and role-based training for IT security employees, especially those with significant responsibilities. Officials also should formally document officers' duties, and they should set specific security clearances with particular IT positions and responsibilities, the report recommends. [1] http://www.oig.doc.gov/oig/reports/2009/CAR-19569-1.pdf [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Tue Oct 06 2009 - 01:35:29 PDT
This archive was generated by hypermail 2.2.0 : Tue Oct 06 2009 - 02:04:42 PDT