Senate Committee on Homeland Security and Governmental Affairs
 
image
Home : Graphics On : Privacy Policy    Sign up for Email:
Search: 
 
image
Press Releases


August 12, 2005  
image
LIEBERMAN SAYS FEDERAL INFORMATION SECURITY IS NOT UP TO PAR
 
WASHINGTON - Homeland Security and Government Affairs Committee Ranking Member Joe Lieberman, D-Conn, says federal agencies are failing to fulfill their responsibilities for implementing effective information security policies and practices and must do a better job of safeguarding their computer resources.

A recent study by the Government Accountability Office (GAO) found that pervasive weaknesses exists in almost all areas of information security controls at 24 major agencies, threatening the integrity, confidentiality, and availability of federal information and information systems. The study was a requirement under the Federal Information Security Management Act (FISMA) enacted in 2002.

“Information security is critical to carrying out all government functions and to preventing the inappropriate disclosure of sensitive individual and national security information,” Lieberman said. “Protecting federal computer systems and the systems that support critical infrastructures has never been more important due to the emergence of new and more destructive attacks. Consequently, it is imperative that federal agencies improve information security.”
Some of the major deficiencies cited in the GAO report include the following:

• access controls, which ensure that only authorized individuals can read, alter, or delete data, were not effectively implemented
• software change controls, which provide assurances that only authorized software programs are implemented, were not always in place
• segregation of duties, which reduces the risk that one individual can independently perform inappropriate actions without detection, was not consistently implemented and
• continuity of operations planning, which provides for the prevention of significant disruptions of computer –dependent operations, was often inadequate

The report concluded that “As a result, federal operations and assets are at increased risk of fraud, misuse, and destruction and these weakness place financial data at risk of unauthorized modification or destruction. In addition, these weaknesses place financial data at risk of unauthorized modification or destruction, sensitive information at risk of inappropriate disclosure, and critical operations at risk of disruption.”

In prior GAO reports, as well as reports by various Offices of the Inspector General, specific recommendations were made to each agency to remedy previously identified deficiencies. In this most recent report, the GAO recommended that the Director of the Office of Management and Budget (OMB) take the following steps:

• request the Inspectors General to report on the quality of additional agency processes, such as the annual system reviews
• require agencies to report FISMA data by risk category
• ensure that compliance with all key FISMA requirements are reported on annually, and
• review guidance to ensure clarity of instructions.

Senator Lieberman’s E-government Act, which was signed into law on Dec. 17, 2002, included FISMA, which was a strengthened version of the Government Information Security Reform Act that he had originally coauthored in 2000. The law established guidelines for computer security throughout the federal government and provided for both OMB and Congressional oversight.

The GAO report is available at: http://www.gao.gov/new.items/d05552.pdf
 
###
 
Printable Version
 
« previous Press Release next Press Release »
 

1998 - 1999 - 2000 - 2001 - 2002 - 2003 - 2004 - 2005 - 2006 - 2007
August 2005 Press Releases
July   September   --   2004   2006  
 
August 12 current Press Release

 
August 8 - USPS Still Must Address Issues Raised By 2003 Ricin Incident, Lieberman Says

 
August 4 - Collins, Lieberman Concerned Container Security Targeting System Requires More Attention, Overseas Segment of Supply Chain Most Problematic
 

About the Committee | Hearings | Legislation & Nominations | Press | Issues | Subcommittees | Committee Documents | Related Links
Committee on Homeland Security and Governmental Affairs
340 Dirksen Senate Office Building
Washington, D.C. 20510