Despite efforts to secure the federal territory in cyber space, the FAA finds its admin server hacked — and employee records were compromised:
While the FAA was hit this time, it certainly is not alone. Uncle Sam’s main jobs database, USAJobs, which is run by Monster.com, was hacked last month.
The security of government computers has been deemed a “high-risk” area, by the Government Accountability Office. “Most agencies continue to experience significant deficiencies that jeopardize the confidentiality, integrity, and availability of their systems and information,” the GAO said last month. “For example, agencies did not consistently implement effective controls to prevent, limit, and detect unauthorized access or manage the configuration of network devices to prevent unauthorized access and ensure system integrity.”
So, what do you do with a $6 billion policy initiative when the agency responsible for administering $1.5 billion has had serious questions raised as to the prior performance of its management of funds designated for rural broaband?
According to the report, $45.6 million went to wire several luxury subdivisions near Houston. About $30 million in loans defaulted, and the agency approved another $137 million in loans even when applications weren’t completed. A separate report from the inspector general in June found that $430,000 went to a Lubbock, Texas high-speed Internet service provider that used the money for pilot lessons for its president and treasurer.
BBC reports one manager in Britain very upset over the cost to his organization:
Andrew Way, chief executive of London’s Royal Free Hospital, said technical problems had cost the trust £10m and meant fewer patients could be seen.
The Department of Health said lessons had been learnt from the trial.
The England scheme, part of a £12bn IT upgrade, aims to put 50 million patient records on a secure database by 2014.
Implementation costs are important to consider when designing and evaluating policies.
Lots of tangents from the story on new FTC study on industry policing and advertising their privacy policies:
- FTC has two votes for regulation or legislation (doubts cast upon self regulation as a tool – public failure)
- Study thinks companies make the information regarding their privacy policies too difficulty for the average person to find/comprehend (market failure = information assymetry)
Points of interest here:
- Center for Digital Democracy
- Future of Privacy Forum
Interesting difference in headlines:
Note to self: Start an inventory of policy tools in each category of cyber policy