Sen. Carper Concerned About Loss of Government Data

WASHINGTON – As chairman of the Senate Subcommittee on Federal Financial Management, Government Information and International Security, Sen. Tom Carper (D-Del.) today told federal agencies they must do more to secure information and personal data to reduce threats of identity theft and risks to our national security.

Sen. Carper called today’s subcommittee hearing to examine how well agencies have reduced information security risks, since enactment of the Federal Information Security Management Act (FISMA) in 2002. The senator cited recent examples of foreign and domestic cyber attacks on U.S. information networks and called these breaches intolerable.

The senator said that every day, government computer systems are attacked by unauthorized people trying to gain access to tax and medical records, Social Security numbers, private business information and military secrets.

“This hearing marks a renewal of our proactive efforts to secure one of the most threatened and important national resources – our sensitive information,” said Sen. Carper. “I am concerned that, five years after the passage of FISMA, agencies have become complacent, just checking boxes to show they were complying with this information security legislation. Recent reports of more and more severe breaches of federal security systems are simply unacceptable and show that there is more work to be done to secure our nation’s data.

“Some federal agencies have made progress in implementing and measuring crucial information security protections,” Sen. Carper said. “But Congress also has a responsibility to make sure agencies have reliable standards to measure security threats and how well we are responding. If the law or its implementation is not working, we need to fix it, because we cannot allow sensitive government information to be at risk.”

Sen. Carper’s subcommittee heard testimony from several key public and private sector security experts, including those charged with protecting sensitive information in the Departments of State and Veterans Affairs, the Nuclear Regulatory Commission and the United States Agency for International Development.