back to article Good news: NASA and Homeland Security just passed their government IT exams – and we really mean *just*

Washington DC has been hit with yet another discouraging assessment of the Uncle Sam's IT management and security practices. The bi-annual grading of federal organizations [PDF] was released this week, and, by and large, they show America's government bureaucrats have a lot of work to do when it comes to securing, updating, …

  1. gerdesj Silver badge
    Gimp

    Wank

    They are either up to scratch or not. Sounds like not.

    1. willi0000000

      Re: Wank

      c'mon . . . the have two years in-a-row of not anybody failing.

      that's better than last year's one in-a-row.

  2. Anonymous Coward
    Joke

    Uses for a Homeland Security Report

    The only practical use I can see for such a report is for some Washington apparatchik to fap-off over. Go on, lets go for the record with the most number of down-votes.

    1. Mark 85 Silver badge

      Re: Uses for a Homeland Security Report

      Nope, not fap-off but budget increase and personnel all in the name of 'we're going to make it better!!" Reality will be bloat, more restrictive rules for those they serve and bunch more federal employees eagerly awaiting their retirement.

      I'll give you an upvote for trying though.

      1. Joe W Silver badge

        Re: Uses for a Homeland Security Report

        Budget increase? What a quaint idea. I can totally see that happening.

        1. veti Silver badge

          Re: Uses for a Homeland Security Report

          Both Homeland Security and NASA have seen budget increases in the past couple of years. The DHS in particular - locking up children, conducting dawn raids on immigrants, putting up hundreds of Secret Service agents at every major golf course in North America... none of these things come cheap, you know.

          1. Gio Ciampa

            Re: Uses for a Homeland Security Report

            "putting up hundreds of Secret Service agents at every Trump-owned golf course in North America", surely?

    2. vtcodger Silver badge

      Re: Uses for a Homeland Security Report

      Sounds like the best way to improve your security rating is to give the CIO loads of authority and make sure you don't ever stiff any private business of any payment they might be owed. Nothing about keeping IOT junk out of the operation. Nothing about demanding vendors not spy on the government. Nothing about standards compliance. Things like HIPPA (patient medical data) and FIOA (Freedom of Information Act). I suspect some of that is actually reflected in the report even though the Reg chose not to highlight it.

      Anyway, my guess is that this report tells no one anywhere anything meaningful about government agency security. And my bet is that the security problem is so tough and best security practices are so inadequate that government security practices (outside the military and intelligence areas) are on a par with private industry. Pretty much a total, across the board, failure.

  3. Nick Kew

    I don't imagine a bunch of scientists at NASA give a toss about this kind of tickbox-exercise.

    Not that this is about them: it's their management structures. Do those change every six months or so in response to the latest fad? If yes, there's your problem. If no, who are you going to convince to respond to a report like this?

    1. willi0000000

      NASA's problems start with the fact that administrators are often not spaceflight or aeronautics supporters.*

      the problem is made almost infinitely worse because every Senator, Representative and President endlessly tries to micromanage** NASA as to what space missions to undertake and which state gets to supply parts.

      and none of the micromanager wannabes care about aeronautics or NASA's education programs.

      * Charles Bolton, the previous (unless that's changed again) administrator is an ex-astronaut was a modern exception.

      ** usually via funding threats.

  4. Andy The Hat Silver badge

    Micro management?

    Giving a department a B- rather than an A+ simply because their reporting structure is slightly different to the one the politicians want seems a 'fingers in pies' approach to oversight.

    There is no question or answer as to whether the existing reporting method works, is efficient or is effective just that it's not what the overseers wanted to see, which in itself may a be poor, inefficient and ineffective management solution. That is straight micro management.

  5. Pascal Monett Silver badge
    Trollface

    "many were neglecting to address even the most basic of cybersecurity requirements"

    Yes well security is . . Oh My God look : hackers in Russia !

    Oh God there are also hackers in China !

    And look : hackers in North Korea !

    We're being hacked, I tell you ! Run and scream like headless chickens !

  6. sporq2k

    eh?

    So what was the test actually testing?

    1. FozzyBear Silver badge
      Black Helicopters

      Re: eh?

      That the administrators had some sort of IT policy or procedure in place. Whether it was being adhered to and updated accordingly.

      The fact that those policies and procedures may not eliminate or reduce the chances of intrusion is a different test.

  7. Spanners Silver badge
    Alert

    Interesting correlation there

    The organisations that got the lowest grades were really good at paying licencing costs.

    What causes this inverse correlation then?

  8. Anonymous Coward
    Anonymous Coward

    Recruitment

    Interesting that a friend who works at the Department of Fatherland Security (some analysis unit I think; I figured if I got him to tell me more specifics he'd have to kill me) said how much I'd love working in the group. But really not interested in working in DC.

  9. Anonymous Coward
    Anonymous Coward

    SO shocked like not so much.

    After decades working for multiple Government Departments and Agencies that put NPCs in charge I'm neither surprised or hopeful.

    These people are interested in their Careers, power and signaling.

    It's unfortunate but if they really cared we wouldn't be tumbling towards a Linux Cloud under a M$ sky.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020