Suche innerhalb des Archivs / Search the Archive All words Any words

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[infowar.de] GAO im Kongress zu CIP/IT-Sicherheit in .gov-Systemen



Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
COMPUTER SECURITY
Improvements Needed to Reduce Risk to Critical Federal Operations and
Assets
Statement of Robert F. Dacey, Director, Information Security Issues
United States General Accounting Office
GAO Testimony before the Subcommittee on Government Efficiency,
Financial Management and Intergovernmental Relations, Committee on
Government Reform, House of Representatives, November 9, 2001
http://www.gao.gov/new.items/d02231t.pdf

dazu aus dem NIPC Daily Report vom 13.11.2001:1

Government - The majority of executive branch agencies earned failing or
barely passing grades for computer security, and most actually managed
to perform more poorly than last year, according to a report.
Two-thirds of executive branch agencies, including the Departments of
Defense, Agriculture, Education, Energy, Justice, Labor, Transportation
and Treasury and eight other departments, earned an "F" for computer
security.  Such abysmal scores helped win the government a overall "F"
grade this year, down from a "D-" awarded in last year's computer
security report card.  In its analysis of the penetration tests, the
General Accounting Office (GAO) noted that this year's grades may be
lower because agencies significantly expanded the scope of their
testing.  The GAO also found that most agencies are doing a poor job
installing readily available patches for commonly known software hacks.
According to the Federal Computer Incident Response Center, such
deficiencies are the root cause of some 90% of successful attacks on
government computers.  (Source: Newsbytes, 9 November)

---------------------------------------------------------------
Liste verlassen: 
Mail an infowar -
 de-request -!
- infopeace -
 de mit "unsubscribe" im Text.