Homeland (in)Security
US Department of Homeland Security CIO Scott Charbo went in front of a Senate subcommittee Wednesday and, in the spirit of "I Love Lucy", he had some "splainin' to do." It seems the department charged with the nation's security has suffered 844 security breaches between 2005 and 2006.
According to an article by Anne Broache of CNET News.com, issues included unauthorized users hooking up personal computers to government networks, unauthorized software installations, classified e-mails traveling over unclassified networks, suspicious botnet activity, trojans and virus infections, classified data spillages and misconfigured firewalls.
Part of the unique challenge with the Department of Homeland Security is it was formed by massing together hundreds of disparate departments into one. Each of the departments had their own technology and cultural approach to securing the IT environment. Charbo has the responsibility to blend it all into one cohesive security approach.
Experts like Khalid Kark, Senior Analyst with Forrester Research, says the problem isn't technology or even policy; it's process. "They have a policy addressing a particular security element 99.9 percent of the time," explained Kark in a recent article. "The question is, are you really enforcing that policy, and how seriously?"
Based on the revelations shared by Charbo to Congress, the challenges DHS faces are not being taken seriously enough yet. As Kark concludes, "Right now, they're not using a coherent strategy; they're just scrambling."
Contributed by Mark Tordoff
Comments