Gartner slams government security guidelines

Powered by SC Magazine
 

Nothing but a PR stunt, claims analyst.

Analyst firm Gartner has dismissed a tightening of security rules for US government agencies as a mere "public relations response" to recent high-profile incidents.

During a burglary in May, thieves stole a laptop containing confidential information on 26.5 million veterans and military personal from the home of an employee for the Veterans Authority.

The laptop was recovered in June and it is claimed that the data was not accessed.

Also in May, a recruiter for the Internal Revenue Service lost a laptop with information on 291 of the service's workers and job applicants. In both cases the data was not encrypted.

The US Office of Management and Budget issued a memorandum last week requiring federal government agencies to report "all security incidents" to the US Computer Emergency Readiness Team within one hour of discovery.

Agencies were previously required to report only unauthorised access to data within one hour. The rules allowed for up to a week to report "improper usage incidents" such as storing unencrypted data laptops or home computers.

But Gartner concluded that the new measures will only prevent embarrassing media reports surfacing before the authorities have been informed.

"Gartner believes that 'improper usage' is not defined clearly enough as it relates to personal information, and that either the Office of Management and Budget or National Institute of Standards and Technology should issue more specific guidance in this area," said Gartner analysts John Pescator and Jay Heiser.

"Increased and faster reporting will lead to little more than accurate and timely statistics unless incident response processes in government are drastically improved."

Copyright ©v3.co.uk


Gartner slams government security guidelines
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Five emerging technologies that will transform financial services
[Blog post] Far out ideas that aren't far off.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  29%
 
Application integration concerns
  3%
 
Security and compliance concerns
  27%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  22%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  4%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 957

Vote