You are here: silicon.com > Software > Security Strategy

Security Strategy

US Homeland Security CIO blamed for security "incidents"

"Not setting a good example"...

Tags: cio, security, dhs

By Anne Broache

Published: 21 June 2007 09:32 BST

In response to reports of persistent cybersecurity flaws at the Department of Homeland Security, a top congressional Democrat on Wednesday questioned whether the agency's chief information officer deserves to keep his job.

The department charged with safeguarding the security of the nation's computer systems has not been setting a good example and CIO Scott Charbo hasn't shown he's serious about fixing its vulnerabilities, said Representative Bennie Thompson, a Mississippi Democrat, chairman of the House of Representatives Homeland Security Committee.

At an afternoon hearing in Washington held by a subcommittee that deals with cybersecurity issues, Thompson asked: "How can we ask the private sector to better train employees and implement more consistent access controls when DHS allows employees to send classified emails over unclassified networks and contractors to attach unapproved laptops to the network?"

How can we ask the private sector to better train employees and implement more consistent access controls when DHS allows employees to send classified emails over unclassified networks and contractors to attach unapproved laptops to the network?

-- Representative Bennie Thompson

He was referring to the Homeland Security department's revelation, as part of an ongoing subcommittee probe into its information security practices, that it experienced 844 security-related "incidents" on its computer systems in 2005 and 2006. Those episodes included unauthorised users hooking up personal computers to government networks, unauthorised software installations, classified emails traveling over unclassified networks, suspicious botnet activity, trojans and virus infections, classified data spillages and misconfigured firewalls.

Charbo, for his part, downplayed the lengthy list, saying that they didn't indicate actual penetrations of the system and varied widely in the level of severity. The IT chief told the politicians: "Those are events that we report on as a data-gathering tool," adding that he was confident all breaches considered significant had been addressed properly.

The congressional panel that convened Wednesday's hearing has been probing the extent to which various federal agencies are equipped to handle cyberthreats. At a hearing in April committee members accused officials at the Commerce and State Departments of being ill-prepared to handle such threats in light of reports of intrusions from Chinese hackers and they warned that Homeland Security would be undergoing scrutiny next.

The Government Accountability Office is preparing to release a report based on a yearlong investigation that it says documents "pervasive" security flaws in Homeland Security's US-VISIT program, which is designed to verify the identity of foreigners through fingerprint scans and is currently being used at several US ports of entry.

Anne Broache writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Media Sciences Analyst

We work across all media and are employed to increase accountability, demonstrating where an agency is performing well for a client and to identify ...

Market Risk Analyst Major Energy Commodity Trading House

As a member of the market risk team your responsibilities will include: - Support risk analysis of Asset and Procurement portfolios, - Preparing ...

C# Technical Architect - Trading Systems - Finance - London

You will be the point of contact for design and development and responsibile for the architecture of this new .NET C# Trading Platform to handle the ...

CIO Agenda 2008
The exclusive silicon.com CIO Agenda 2008 survey looks at the CIO's tech shopping list for the year, examines whether IT budgets are rising or falling and reveals what the pain points are for tech chiefs this year. Find out more in our latest special report.





Quick Sitemap Links: