Feds bring home poor grades on cybersecurity report card

The federal government deserves mostly "D" grades for cybersecurity, according to a report card issued today by the Cyber Security Industry Alliance, an Arlington, Va., advocacy group made up of IT companies.

The group graded the federal government on progress in cybersecurity in 2005. It also issued its national agency for information security in 2006, promoting policy actions for the federal government to implement to improve IT security.

The alliance gave the Bush administration six "Ds" for inadequately funding cybersecurity to the Office of Management Budget and to the National Institute of Standards and Technology; for not tracking the total costs of cyberattacks, taking too little action on information-sharing and other shortcomings.

The Homeland Security Department received a "C" for failing to appoint an assistant secretary of cybersecurity and telecommunications, as promised by Secretary Michael Chertoff following his Second Stage Review in July.

The administration received an "F" for the lack of cybersecurity data that is publicly available from the National Information Assurance Partnership, a collaboration between NIST and the National Security Agency.

Overall, the alliance gave out an F, six Ds, four Cs and a B.