Government Computer Security Graded D+
In regards to my post earlier this morning on government computer security and the nationality of its vendors, it dawned on me that the entire conversation is moot. The GAO audits the security of federal agencies each year in accordance with FISMA. However, the federal government has never averaged better than the D+ it received this year. Furthermore, key agencies like, Defense, Homeland Security, the IRS, the SEC and the Treasury received flunking grades. If these key federal agencies can’t even pass our own audit, how can we even begin to worry about foreign national governments tampering with a private company’s product like Check Point and Lenovo. It just doesn’t make sense to write a stealthy back door into the software code when our government’s most sensitive data can be had so easily.