The Government Accountability Office gave a clean bill of health to the Transportation Security Administration's Secure Flight program, a system that matches passenger information against terrorist watch-list records.
The nation's air traffic control system is vulnerable to attack through the Internet, and the Federal Aviation Administration has failed to adequately establish intrusion-detection capabilities to detect potential cyber penetrations.
Keeping a close eye on federal agencies to see if they are properly securing their information systems is among the priorities the Government Accountability Office (GAO), the investigative arm of Congress, promises to address through the next fiscal year.
Malware infecting Internal Revenue Service computers increased by 45 percent last year to 961 incidents, according to a Treasury Department inspector general's report.
Though IRS automatically scans workstations weekly for malware, only 89 percent of the agency's servers are scanned each week. The others were either...
An audit of the Security and Exchange Commission IT systems reveals 23 new weaknesses in controls intended to restrict access to data and systems, as well as weaknesses in other information security controls.
The Internal Revenue Service's Business Systems Modernization program continues to experience information security control weaknesses, according to a Government Accountability Office report issued Wednesday.
The United States is ill-prepared for a massive cybersecurity attack, the equivalent of a virtual 9/11 assault on federal IT systems and the nation's critical IT infrastructure, a panel of information security experts told a House committee on Tuesday.
A big complaint about the Federal Information Security Management Act (FISMA) is that agencies complying with its provisions merely prove they're following processes aimed at securing information systems, but they don't necessarily prove the systems are indeed secure.
In an exclusive interview, Ron Ross, the...
The Obama administration is looking to develop metrics that would require agencies to continuously monitor the security of their information systems, moving beyond the quarterly and annual reporting required by the Federal Information Security Management Act.
Tom Davis wrote the original Federal Information Security Management Act in 2002, and says the legislation has served the government and nation well. The one-time powerful chairman of the House Government Reform Committee, which provides oversight on information technology matters, feels it's time for Congress to...
The Heartland Payment Systems data breach is on everyone's mind, and the case is in the hands now of the Federal Trade Commission (FTC) if it chooses to investigate. While the FTC will neither confirm nor deny a Heartland investigation, staff attorney Alain Sheer does offer his insight on:
How the FTC investigates...
A consortium of federal agencies and private organizations has just released the first version of the Consensus Audit Guidelines (CAG), which defines the most critical cyber security controls to protect government agencies and critical infrastructure industries, including financial services.
Government Accountability Office auditors will have a busy spring, examining a number of federal government programs aimed at securing government information systems and data.
In an interview with GovInfoSecurity.com, Gregory Wilshusen discusses how the GAO is looking at how private industry and two dozen federal...