Return-Path: <sentto-279987-4476-1013783299-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Fri, 15 Feb 2002 06:49:08 -0800 (PST) Received: (qmail 31078 invoked by uid 510); 15 Feb 2002 14:28:33 -0000 Received: from n11.groups.yahoo.com (216.115.96.61) by all.net with SMTP; 15 Feb 2002 14:28:33 -0000 X-eGroups-Return: sentto-279987-4476-1013783299-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.188] by n11.groups.yahoo.com with NNFMP; 15 Feb 2002 14:28:19 -0000 X-Sender: yangyun@metacrawler.com X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-8_0_2); 15 Feb 2002 14:28:18 -0000 Received: (qmail 37587 invoked from network); 15 Feb 2002 14:28:18 -0000 Received: from unknown (216.115.97.172) by m2.grp.snv.yahoo.com with QMQP; 15 Feb 2002 14:28:18 -0000 Received: from unknown (HELO n25.groups.yahoo.com) (216.115.96.75) by mta2.grp.snv.yahoo.com with SMTP; 15 Feb 2002 14:28:18 -0000 Received: from [216.115.96.117] by n25.groups.yahoo.com with NNFMP; 15 Feb 2002 14:26:27 -0000 To: iwar@yahoogroups.com Message-ID: <a4j5u1+vdvj@eGroups.com> User-Agent: eGroups-EW/0.82 X-Mailer: Yahoo Groups Message Poster From: "televr" <yangyun@metacrawler.com> X-Originating-IP: 24.114.101.158 X-Yahoo-Profile: televr Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Fri, 15 Feb 2002 14:28:17 -0000 Subject: [iwar] OMB Report Card on Govt Infosec Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit http://www.omb.gov/inforeg/infopoltech.pdf 02/15/02 Most Federal Agencies Unable To Spot Cyber-Attacks - OMB By Brian Krebs, Newsbytes WASHINGTON, D.C., U.S.A., 14 Feb 2002, 1:06 PM CST Most federal agencies do not manage their information technology resources well enough to detect or defeat computer viruses and hacker attacks, the White House said in a report released Wednesday. "Far too many agencies have virtually no meaningful system to test or monitor system activity and therefore are unable to detect intrusions, suspected intrusions, or virus infections," the OMB said. In its analysis of security audits conducted at 50 federal agencies the OMB identified six government-wide security problems, including a lack of policies and programs in place to detect, report or share information on security vulnerabilities or attacks. The report also notes that most employees lack basic awareness or education about computer security. In addition, few agencies routinely ensure that contractors meet minimum security requirements and background checks, the OMB said. The OMB report found no correlation between the amount each agency spent on IT security and its overall performance in that arena. "At this point, there is no evidence that poor security is a result of a lack of money," the OMB said. Last year, the federal government spent $2.7 billion on computer security, out of a total $48 billion in IT investments. This year, the OMB expects federal agencies will spend roughly double that amount - $4.2 billion out of a total IT budget of $52 billion. Under the Government Information Security Reform Act of 2000, agencies are required to assess and test the security of their non-classified information systems. Agencies are graded on the results of penetration testing and overall security, and the reports are tied to each agency's budget request. Last year's round of penetration tests showed nearly all federal agencies earned a grade of "D" or lower for computer security, prompting the OMB to pledge it would soon begin to kill funding for projects that consistently fail to meet minimum security requirements. The lone exception cited in the OMB report was the Department of Defense, which maintained a consistent record of training employees and screening IT security contractors, the agency said. ------------------------ Yahoo! Groups Sponsor ---------------------~--> Sponsored by VeriSign - The Value of Trust When building an e-commerce site, you want to start with a secure foundation. Learn how with VeriSign's FREE Guide. http://us.click.yahoo.com/oCuuSA/XdiDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:03 PST