From: Federal Computer Week
By Frank Konkel
IT systems, cyber-security and the nation’s satellite programs dominate the Commerce Department’s list of problems to address, according to that department’s inspector general.
In late December, Commerce IG Todd Zinser sent the House Oversight and Government Reform Committee an itemized list of his office’s highest-priority recommendations that have yet to be implemented. The memo highlighted major IT security deficiencies in the National Telecommunications and Information Administration [NTIA] and security weaknesses in the International Trade Administration that increase the odds of a successful cyber-attack.
“For our NTIA audit, we determined that fundamental steps for securing NTIA’s information and systems have not been taken,” the IG’s letter states. “For our ITA audit, we identified security weaknesses, including inadequate security categorization that may affect protection against critical information and security control deficiencies that increase the likelihood of a successful cyber-attack.”
The review highlighted multiple IT security deficiencies for both agencies, including “inadequate security categorizations that jeopardize critical bureau information” for NTIA and “the presence of unauthorized software and use of unauthorized removable media” at ITA.
Both agencies have failed to implement two significant recommendations as of Dec. 28, the report states.
However, some of the corrective actions take years to fully implement, said Commerce spokesperson Dave Smith, so “the findings will appear outstanding in our responses to these types of periodic requests.”
The IG’s report highlighted lingering unimplemented recommendations in several other corners of Commerce as well.
Leave a Reply