Dive Brief:
-
A new scorecard released on Wednesday found that federal government agencies have made some improvements in securing their IT systems over the last six months, according to The Hill.
-
The scorecard from the House Oversight Committee found seven agencies improved by at least one letter grade since the first scorecard was released in November 2015.
-
The Department of Energy was the most improved, jumping from an “F” to a “C-.” The highest grade, a “B,” was awarded to the Department of Commerce.
Dive Insight:
The scorecard ranked agencies on four aspects of the Federal Information Technology Acquisition Reform Act: consolidating data centers, reducing duplicative spending, enhancing agency CIO authorities and providing project risk assessments.
The agencies that showed improvement included the Office of Personnel Management, the departments of Justice, Energy, Labor, Agriculture and Education, and the Social Security Administration.
"Some agencies continue to do better than others, and today I am pleased to see moderate improvement in the grades from the first scorecard," Rep. Will Hurd (R-Texas), who chairs the committee's IT panel, told The Hill.
The General Services Administration was the only agency to drop in the rankings, going from a “B” to a “C.” NASA was the only agency to receive an “F," with the agency struggling with its cybersecurity policies and leadership.
Last month, a report from the agency's inspector general claimed NASA's lack of consistent leadership is undermining its ability to protect itself from cyberattacks. Over the past year and a half, NASA has had three "acting" senior security officers in the CIO's department, which has led to "confusion at the agency over roles and responsibilities," the report said. In April, a report released by security risk benchmarking startup SecurityScorecard ranked NASA dead last among 600 government entities it evaluated on cybersecurity efforts between April 2015 to April 2016.
