Congress'widespread weaknesses' federal computer securitygreenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread
Congress finds 'widespread weaknesses' in federal computer security Wednesday, 29 March 2000 22:44 (ET)
By PAUL SINGER
WASHINGTON, March 29 (UPI) -- Federal agencies have taken a "fragmented" approach to information security, leading to "widespread weaknesses" infederal computer systems, federal investigators said Wednesday.
At a hearing before a subcommittee of the House Government Reform Committee, Jack Brock, Jr., of the General Accounting Office, testified that "many agencies' critical operations and processes are at serious risk of disruption because of weak security practices." GAO is the investigative arm of Congress.
Brock said GAO's work has shown that "poor security planning and management is the rule rather than the exception" within federal agencies and that there is no strong management framework focusing on security issues within government.
Several witnesses suggested the need for the White House to charter a management team similar to one that coordinated agency responses to potential Y2K-related computer problems. Creating a central management team for cyber-security issues would ensure consistent applications of security improvements government-wide.
GAO's testimony also called for instituting a single set of security standards throughout federal agencies and a set of uniform policies and procedures for information system protection.
Rep. Steve Horn, R-Calif., told United Press International that he agreed with the need to increase attention on security issues throughout government but he warned about the dangers of creating "a computer security czar."
"It is clear that management across the board in the executivebranch hasbeen somewhat fragmented on this issue," Horn said, but creating new federal official with responsibility for security could remove the incentive for agency heads to focus vigorously on the issue.
"This doesn't have to be addressed through federal legislation at all," Horn said, adding that it would be important for Congress to provide money for federal agencies to provide training and education for employees on security issues.
Copyright 2000 by United Press International. All rights reserved
-- Martin Thompson (firstname.lastname@example.org), March 31, 2000