The overall security of computer systems inside the largest U.S. government agencies improved marginally since last year but still merits only a D-plus on the latest progress report from Congress.
The departments of Transportation, Justice and the Interior made remarkable improvements, according to the rankings, which were compiled by the House Government Reform Committee and based on reports from each agency's inspector general.
But seven of the 24 largest agencies received failing grades, including the departments of Energy and Homeland Security. The Homeland Security Department encompasses dozens of agencies and offices previously elsewhere in government but also includes the National Cyber Security Division, responsible for improving the security of the country's computer networks.
"Several agencies continue to receive failing grades, and that's unacceptable," said Rep. Tom Davis, R-Va., the committee's chairman. "We're also seeing some exceptional turnarounds."
Davis said troubling areas included lax security at federal contractor computers, which could be used to break into government systems; a lack of contingency plans for broad system failures and little training available for employees responsible for security.
The Transportation Department improved from a D-plus to an A-minus; the Interior Department, which failed last year, improved to a C-plus; and the Justice Department rose from a failing grade to B-minus.
The poor grades effectively dampen efforts by U.S. policy makers to impose new laws or regulations to compel private companies and organizations to enhance their own security. Industry groups have argued that the government needs to improve its own computer security before requiring businesses to make such changes.