Since January, the State Department has wiped out more than 155,000 viruses on its IT systems. Between Oct. 1 and May 31, the first eight months of fiscal year 2003, the department recorded more than 700 attempts to hack its IT systems.

Those are just two examples of the vulnerabilities the government's thousands of IT systems face. At a hearing before a House panel Tuesday, government IT experts testified that progress in securing systems is being made, but at a slower pace than many had hoped.

"While some progress is clearly being made at federal agencies, going from an F to a D or D to a C isn't saying much," Rep. Adam Putnam, R-Fla., chairman of the House Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census, said in opening remarks at an oversight hearing on cybersecurity. Putnam said Congress, the Bush administration, and agencies must work together to provide a relative degree of comfort that IT systems are secure. "We are a long way from that point today."

Putnam's lament was backed up by a report from the General Accounting Office, the investigative arm of Congress, that showed significant challenges remain in implementing information security requirements. For instance, eight of 24 agencies reported that they hadn't assessed security risks for half of their IT systems.

[ Read more ]