THE MAGAZINE
Technofile: IT Security
DHS Cybersecurity
The Department of Homeland Security (DHS) has made many improvements in its information security program, according to the agency's Inspector General (IG). However, he notes in a new report that the agency still lacks "an accurate and complete system inventory." An effort is being made to create such an inventory with assistance from an outside contractor, but without an inventory in place, the IG was unable to determine whether systems have been properly certified and accredited.
Areas identified in which the agency's information security procedures "require strengthening" include its use of wireless technologies, remote access, vulnerability scanning and penetration testing, and incident detection. The IG also noted that security awareness training is lacking when it comes to potential security hazards such as peer-to-peer file sharing.
Appendices to the report detail agencywide security configuration requirements and incident detection and handling procedures.
@ The report, Evaluation of DHS' Information Security Program for Fiscal Year 2004, is available at SM Online.
Related Stories
Technofile: IT Security
Behind the Numbers: Top Spending Priorities in Banking IT in 2008
Technofile: IT Security
Quick Bytes: IT Pros' Roles
Advertise | Subscribe | Reader Service | Writer's Guidelines | Reprints & Permissions | Sitemap | RSS
Security Management is the award-winning publication of ASIS International, the preeminent international
organization for security professionals, with more than 35,000 members worldwide.
ASIS International, Inc. Worldwide Headquarters USA, 1625 Prince Street, Alexandria, Virginia 22314-2818
703-519-6200 | fax 703-519-6299 | www.asisonline.org
Copyright © 2008, Security Management
Powered by: Phase2 Technology
Comments