Good news: NASA and Homeland Security just passed their government IT exams – and we really mean *just*

They managed to scrape by with the lowest possible passing grade: D-

Washington DC has been hit with yet another discouraging assessment of the Uncle Sam's IT management and security practices.

The bi-annual grading of federal organizations [PDF] was released this week, and, by and large, they show America's government bureaucrats have a lot of work to do when it comes to securing, updating, and managing their networks and data.

The grades were presented following a probe by the House Oversight Committee's Subcommittee on Government Operations into the progress of FITARA, known in its long form as the Federal Information Technology Acquisition Reform Act of 2013, which tries to get Uncle Sam's pen pushers to up their IT game.

Two bodies in particular turned in low marks this period. Both NASA and the Department of Homeland Security were handed a D- in their reports. Good thing they don't handle anything important, eh?

Sidebar: for those unfamiliar with America's grading system, marks in high school are traditionally given as letter grades, typically the highest being A+ and the lowest passing mark being a D-, with an F indicating a failing grade.

For Homeland Security, the biggest blunder was not giving its chief information officer (CIO) enough power and scope to get the job done right. The department was given an F for not gradually increasing the CIO's authority, and thus making information security more of a priority, and for its failure to let the CIO position report directly to the head of the department.

The Washington DC skyline- image from shutterstock

Stop us if you've heard this one: US government staff wildly oblivious to basic computer, info security safeguards


On the other hand, Homeland Security did get an A grade in keeping up with software licensing – and its compliance with the Federal Information Security Modernization Act (FISMA) was among the best of the 24 federal bodies tested. FISMA requires officials to comply with existing security industry standards.

Meanwhile, NASA got a failing mark for its transparency and risk management practices, while its FISMA compliance only warranted a D grade. The space boffins were also shamed for their inability to let the CIO reports directly to the agency's head.

However, NASA did manage to earn A grades in portfolio review and software licensing.

While none of the 24 bodies were able to get an overall A on the assessment, all at least passed and seven did receive a B+: the Department of the Environment, the Department of Housing and Urban Development, the Veteran's Administration, the General Services Administration, the National Science Foundation, the Small Business Administration, and the Social Security Administration.

"For the second scorecard in a row, there are no agencies receiving a failing grade," noted committee chairman Rep Gerald Connolly (D-VA). "While there are no A grades on this scorecard, the Department of Labor (B-) and the US Agency for International Development (B-) would have each received an A+ if they had changed their reporting structure to allow for their chief information officers to report to the head or deputy head of the agency."

The report comes as federal government officials find themselves under renewed scrutiny amid reports of heightened attacks from foreign state-sponsored hacking groups such as those in Iran. Earlier this week, a review of ten years' worth of audits of US government bodies concluded that many were neglecting to address even the most basic of cybersecurity requirements. ®

Similar topics

Other stories you might like

  • NASA to commission independent UFO study
    The truth is out there, and the space agency intends to find it – scientifically

    Over recent years, Uncle Sam has loosened its tight-lipped if not dismissive stance on UFOs, or "unidentified aerial phenomena", lest anyone think we're talking about aliens. Now, NASA is the latest body to get in on the act.

    In a statement released June 9, the space agency announced it would be commissioning a study team, starting work in the fall, to examine unidentified aerial phenomena or UAPs, which it defined as "observations of events in the sky that cannot be identified as aircraft or known natural phenomena."

    NASA emphasized that the study would be from a "scientific perspective" – because "that's what we do" – and focus on "identifying available data, how best to collect future data, and how NASA can use that data to move the scientific understanding of UAPs forward."

    Continue reading
  • Oracle sued by one of its own gold-level Partners of the Year over government IT contract
    We want $56 million, systems integrator tells court

    Oracle has been sued by Plexada System Integrators in Nigeria for alleged breach of contract and failure to pay millions of dollars said to be owed for assisting with a Lagos State Government IT contract.

    Plexada is seeking almost $56 million in denied revenue, damages, and legal costs for work that occurred from 2015 through 2020.

    A partner at Plexada, filed a statement with the Lagos State High Court describing the dispute. The document, provided to The Register, accuses Oracle of retaliating against Plexada and trying to ruin the firm's business for seeking to be paid.

    Continue reading
  • Governments opt for XaaS, dump datacenters in droves
    Outsource all the things! To whom? The lowest bidder of course, says Gartner

    The world's governments are eager to let someone else handle their IT headaches, according to a recent Gartner report, which found a healthy appetite for "anything-as-a-service" (XaaS) platforms to cut the costs of bureaucracy.

    These trends will push government IT spending to $565 billion in 2022, up 5 percent from last year, the analyst house claims. Gartner believes the majority of new government IT investments will be on service platforms by 2026.

    "The pandemic sped up public-sector adoption of cloud solutions and the XaaS model for accelerated legacy modernization and new service implementations," Gartner analyst Daniel Snyder said in a release. "Fifty-four percent of government CIOs responding to the 2022 Gartner CIO survey indicated that they expect to allocate additional funding to cloud platforms in 2022, while 35 percent will decrease investments in legacy infrastructure and datacenter technologies."

    Continue reading

Biting the hand that feeds IT © 1998–2022