TRENDING:

Feds Challenged on Key Infosec Initiatives

Forthcoming GAO Audits Focus on FDCC, TIC Eric Chabrow (GovInfoSecurity) • March 28, 2010    
Feds Challenged on Key Infosec Initiatives
The Government Accountability Office will release audits in April that say that federal agencies are being challenged in implementing two key government cybersecurity initiatives: the Federal Desktop Core Configuration and the Trusted Internet Connection.

Gregory Wilshusen, GAO information security issues director, wouldn't reveal details of the audits, but said in an interview with GovInfoSecurity.com: "Agencies are trying, and they are making progress, but because of just the highly dynamic nature of the federal computing environment, it remains a big challenge."

The reports will disclose the extent in which each initiative has been implemented by the departments and agencies and any challenges and lessons learned executing both programs, Wilshusen said.

Senate Homeland Security and Governmental Affairs Chairman Joseph Lieberman, I.-Conn.; its ranking minority member, Susan Collins, R.-Maine; and Thomas Carper, D.-Del., who chairs a panel subcommittee and is sponsor of a bill to update the Federal Information Security Management Act, requested the GAO audits.

The Federal Desktop Core Configuration program, also known as FDCC, aims to assure that all federal computers running the Microsoft Windows operating systems are configured to meet minimal security standards. The goal of the Trusted Internet Connection initiative, commonly called TIC, is to reduce significantly the number of government connections to the Internet that should simplify the monitoring of malicious traffic.

At least one agency has had major problems implementing one of these initiative. An Interior Department inspector general's audit released last fall revealed that nearly one-third of the department's tested computers failed to comply with minimum FDCC standards as developed by the National Institute of Standards and Technology.

For more on TIC, check out our interview What's Happening with the Trusted Internet Connection with Matt Coose, director of federal network security at the Department of Homeland Security's National Cybersecurity Division.

Previous
Bills Target International Cyber Criminals
Next
Initiative Could Speed Fed Cloud Adoption

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.



Around the Network

Why Hospitals Should Beware of Malicious AI Use
Why Hospitals Should Beware of Malicious AI Use
Joe Sullivan on What CISOs Need to Know About the Uber Trial
Joe Sullivan on What CISOs Need to Know About the Uber Trial
How Biden's AI Executive Order Will Affect Healthcare
How Biden's AI Executive Order Will Affect Healthcare
How State Governments Can Regulate AI and Protect Privacy
How State Governments Can Regulate AI and Protect Privacy
Mapping Access - and Attack - Paths in Active Directory
Mapping Access - and Attack - Paths in Active Directory
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Getting a Tighter Grip on Vendor Security Risk in Healthcare
How the Healthcare Sector Can Boost Credential Management
How the Healthcare Sector Can Boost Credential Management
AI in Healthcare: The Growing Promise - and Potential Risks
AI in Healthcare: The Growing Promise - and Potential Risks
Protocol Isolation: The Key to Securing OT Environments
Protocol Isolation: The Key to Securing OT Environments
How AI Can Help Speed Up Physician Credentialing Chores
How AI Can Help Speed Up Physician Credentialing Chores

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.