Information security (71 - 80 of 81 items)
Information Security: Recent Attacks on Federal Web Sites Underscore Need for Stronger Information Security Management
T-AIMD-99-223: Published: Jun 24, 1999. Publicly Released: Jun 24, 1999.
Pursuant to a congressional request, GAO discussed the recent break-ins of federal web sites.GAO noted that: (1) the recent series of attacks on federal web sites have primarily focused on defacing, or vandalizing web site content or initiating denial of service attacks in order to crash servers; (2) fortunately, the consequences of recent attacks on federal web sites have been largely confined to...
Information Security: Many NASA Missions-Critical Systems Face Serious Risks
AIMD-99-47: Published: May 20, 1999. Publicly Released: May 20, 1999.
Pursuant to a congressional request, GAO provided information on the National Aeronautics and Space Administration's (NASA) information security program, focusing on: (1) whether NASA's mission-critical information systems are vulnerable to unauthorized access; (2) whether NASA is effectively managing information systems security; and (3) what NASA is doing to address the risk of unauthorized acce...
Information Security: The Melissa Computer Virus Demonstrates Urgent Need for Stronger Protection Over Systems and Sensitive Data
T-AIMD-99-146: Published: Apr 15, 1999. Publicly Released: Apr 15, 1999.
Pursuant to a congressional request, GAO discussed: (1) the immediate effects of the Melissa virus and variations of it as well as its broader implications for the federal government; and (2) critical measures that should be taken to ensure that federal departments and agencies are better prepared for future viruses and other forms of attack.GAO noted that: (1) Melissa is a macro virus that can af...
Information Security: Serious Weaknesses Place Critical Federal Operations and Assets at Risk
AIMD-98-92: Published: Sep 23, 1998. Publicly Released: Sep 23, 1998.
Pursuant to a congressional request, GAO reviewed: (1) the effectiveness of federal information security practices based on recently issued audit reports; (2) efforts to centrally oversee and manage federal information security; and (3) actions taken by the Office of Management and Budget (OMB) and the federal Chief Information Officers (CIO) Council to address federal information security problem...
Air Traffic Control: Weak Computer Security Practices Jeopardize Flight Safety
AIMD-98-155: Published: May 18, 1998. Publicly Released: May 19, 1998.
Pursuant to a congressional request, GAO reviewed the Federal Aviation Administration's (FAA) computer security practices, focusing on: (1) whether FAA is effectively managing physical security at air traffic control (ATC) facilities and systems security for its current operational systems; (2) whether FAA is effectively managing systems security for future ATC modernization systems; and (3) the e...
Computer Security: Pervasive, Serious Weaknesses Jeopardize State Department Operations
AIMD-98-145: Published: May 18, 1998. Publicly Released: May 19, 1998.
Pursuant to a congressional request, GAO reviewed: (1) how susceptible the Department of State's unclassified automated information systems are to unauthorized access; (2) what State is doing to address information security issues; and (3) what additional actions may be needed to address the computer security problem.GAO noted that: (1) State's information systems and the information contained wit...
Information Security: Serious Weaknesses Put State Department and FAA Operations at Risk
T-AIMD-98-170: Published: May 19, 1998. Publicly Released: May 19, 1998.
Pursuant to a congressional request, GAO discussed its work on computer security, focusing on the results of its recent reviews of the Department of State and the Federal Aviation Administration (FAA).GAO noted that: (1) the dramatic increase in computer interconnectivity and the popularity of the Internet are offering government agencies unprecedented opportunities to improve operations by reduci...
Executive Guide: Information Security Management--Learning From Leading Organizations (Supersedes AIMD-98-21)
AIMD-98-68: Published: May 1, 1998. Publicly Released: May 1, 1998.
This publication supersedes AIMD-98-21, Executive Guide: Information Security Management--Learning From Leading Organizations, May 1998. GAO published a guide to assist federal agencies in establishing a management framework for exploring and reducing the information security risks associated with their operations...
Executive Guide: Information Security Management: Learning From Leading Organizations (Exposure Draft) (Superseded by AIMD-98-68)(Superseded by AIMD-00-21.2.8)
AIMD-98-21: Published: Nov 1, 1997. Publicly Released: Nov 1, 1997.
This publication has been superseded by AIMD-00-21.2.8, Travel System Requirements: Checklist for Reviewing Systems Under the Federal Financial Management Improvement Act of 1996, December 1999. This publication has been superseded by AIMD-98-68, Executive Guide: Information Security Management--Learning From Leading Organizations, March 1998. GAO published a guide to assist federal agencies in es...
Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
T-AIMD-96-92: Published: May 22, 1996. Publicly Released: May 22, 1996.
GAO discussed information security procedures at the Department of Defense (DOD). GAO noted that: (1) as many as 250,000 DOD computer systems were attacked in 1995; (2) hackers successfully penetrate DOD computer systems 65 percent of the time; (3) hackers attack DOD computer systems to steal and destroy sensitive data and install reentry devices; (4) these attacks cost the government over half a...