You have to ask yourself, is our departments learning?

It scares me to think that my wireless network at home is more secure than the defense department’s entire network. There is a new report that several government agencies, including the defense department, have received poor grades on their cyber security assessment.

From PCWorld:

"But Alan Paller, director of research at the SANS Institute, said DHS's success stories in helping improve U.S. cybersecurity "can be counted on the fingers of one hand."

"The worst indictment, however is the department's failure to lead by example," Paller added. "Other [chief information officers] in governments and corporations have a right to look to the DHS CIO and his security people for models of excellence in cybersecurity. They won't find it there.""

Now, I work with networks in my line of work and between internal audits and Sarbanes/Oxley, I can’t even think about changing our infrastructure without jumping through hoops. That is for corporations that publicly trade. The federal government has their own security measures outlined in the Federal Information Security Management Act. For you computer and security geeks, make sure you check out the very detailed documentation. And surprise, it even outlines how email and email security should be handled.

No comments: