In a terse declassified summary of a classified report, the Homeland Security Department inspector general says the department maintains an effective information security management program for intelligence systems.

However, the cybersecurity of such systems is not perfect, the declassified summary sates. The DHS inspector general released the summary on Sept. 29 though it carries an August 2010 date.

Specifically, the inspector general says it has concerns with system certification and accreditation, documentation and the implementation of a security training and awareness program for intelligence personnel. These concerns are apparently ongoing, since the summary says they "still exist."

The report also notes that the DHS Intelligence and Analysis office is now responsible for Federal Information Security Management Act reporting for Coast Guard intelligence systems. I&A "should continue to provide management oversight" to ensure that the Coast Guard maintains an effective information technology security program, the summary states, without explaining why it is particularly instructing I&A on the Coast Guard.

For more:
- download the summary, all three pages of it: OIG-10-112 (.pdf)

Related Articles:
A merging of civilian and national security system cybersecurity underway
High-risk vulnerabilities found in key US-CERT system