GAO Finds Data Protection Lagging

[security curmudgeon <jericho () attrition org>]

[Belated, apologies -jericho]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.washingtonpost.com/wp-dyn/content/article/2008/02/25/AR2008022503120.html

By Christopher Lee
Washington Post Staff Writer
February 26, 2008

Despite a steady stream of embarrassing computer security breaches, many 
major federal agencies still are doing too little to safeguard the 
sensitive personal information in their possession, according to 
congressional investigators.

Only two of 24 agencies studied by the Government Accountability Office in 
a report released last week had implemented all five security measures 
recommended by the Office of Management and Budget to protect personal 
information.

The top performers included the Treasury Department and the Department of 
Transportation. The worst were the Small Business Administration and the 
National Science Foundation, neither of which had adopted any of the 
measures, according to Sen. Norm Coleman (R-Minn.), one of two senators 
who requested the study. But officials at both agencies said yesterday 
that they had completed most or all of the recommended measures since GAO 
investigators last visited them in October.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml