via
Ars Technica
New research
out earlier Tuesday from George Mason University, however, calls into
question how effective Obama's proposal would be. That's because the
federal government's IT professionals as a whole have "a poor track
record in maintaining good cybersecurity and information-sharing
practices." What's more, the federal bureaucracy "systematically" fails
to meet its own federal cybersecurity standards despite billions of
dollars in funding.
...
The researchers pointed out that the federal bureaucracy has its own CISPA-style legislation. The Federal Information Security Management Act of 2002 (PDF)
requires the bureaucracy to perform information sharing and to reduce
risks. In short, FISMA provides funding to "provide a comprehensive
framework for ensuring the effectiveness of information security
controls over information resources that support Federal operations and
assets..."
Once again I go back to the idea that one of the reasons for this failure is that things have become too complicated to manage efficiently. Until that changes this will be an ongoing problem.
No comments:
Post a Comment