Citizens United Files Lawsuit Against State Dept For Harold Geisel’s Records and OIG Report on Diplomatic Security

Posted: 11:16 am PDT
Updated: 8:37 om PDT

 

Via Bloomberg:

Citizens United filed its fourth lawsuit against the State Department on Thursday, this time seeking documents related to the agency’s Office of Inspector General during former Secretary of State Hillary Clinton’s tenure. In the suit, filed in the U.S. District Court for the District of Columbia, the conservative advocacy group complains that the State Department has not responded to two of its Freedom of Information Act requests in more than six months, beyond acknowledging receiving them. The statutory requirement is 20 business days.

In its court filing, Citizens United argues that “when left to their own devices State Department bureaucrats have taken over three years to respond to Citizens United’s FOIA requests” and that “Such extensive delays are in clear violation of both the letter and the spirit of the Freedom of Information Act.”

This latest lawsuit, asked for two specific records related the Office of the Inspector General of the State Department: the first one related to former acting IG Harold Geisel, and the second one related to inspection report ISP-I-13-18 released in March 2013. This is the inspection report (pdf) on Diplomatic Security where the inspectors concluded that Diplomatic Security’s Special Investigations Division (SID) lack independence. The OIG recommended that “The Office of the Deputy Secretary should restructure the investigative responsibilities currently assigned to the Special Investigations Division. The outcome should include safeguards to prevent any Department of State or Diplomatic Security official from improperly influencing the commencement, course, or outcome of any investigation.” We don’t know if anything happened in that front but in any case, Citizens United wanted to see all the details, potentially messy, generated by that report. We should also note that this specific report previously made a cameo appearance in another lawsuit in Texas and attracted congressional interest.

Below excerpted from court records:

CITIZENS UNITED’S SEPTEMBER 16, 2014 FOIA REQUEST (GEISEL RECORDS), F-2014-16237

11. On September 16, 2014 Citizens United submitted a FOIA request, online, to Defendant. See Exhibit B (FOIA Request Letter). The request sought:

On April 25, 2011, The Washington Post reported on the vacant State Department’s Inspector General position. The Washington Post reported that: “One high-ranking official familiar with the selection process said the State Department’s current leadership had opposed filling the top slot because it prefers the office to remain under Geisel’s supervision.” On April 5, 2011 the Government Accountability Office (GAO) released a report titled State Department Inspector General, Actions To Address Independence And Effectiveness Concerns Are Under Way, (GAO-11-382T). The records I request can be described as follows: Any and all records, correspondence, and memos, in any and all formats, that mention, discuss, or reference the performance of Harold W. Geisel as acting State Department inspector general, the nomination of an inspector general, potential candidates for inspector general, a preference or desire to retain Harold W. Geisel as acting State Department inspector general, the aforementioned GAO report, and/or the vacant inspector general position in any context that were sent to and/or sent from any of the following individuals: Secretary of State Hillary Clinton, Office Manager Claire Coleman, Counselor and Chief of Staff Cheryl Mills, Deputy Chief Of Staff for Operations Huma Abedin, Deputy Chief of Staff for Policy Jacob Sullivan, Executive Assistant Alice Wells, Senior Advisor Jeannemarie E. Smith, Special Assistant Lona Valmoro, Special Assistant Nima Abbaszadeh, Special Assistant Bernadette Meehan, Deputy Secretary Thomas Nides, Deputy Secretary William J. Burns, Under Secretary Patrick F. Kennedy, Under Secretary Wendy R. Sherman, and Acting Deputy Department Spokesman Mark C. Toner.

B. CITIZENS UNITED’S SEPTEMBER 16, 2014 FOIA REQUEST (INSPECTOR GENERAL REPORT), F-2014-16250

16. On September 16, 2014 Citizens United submitted a FOIA request, online, to Defendant. See Exhibit D (FOIA Request Letter). The request sought:

Any and all correspondence, memos, or records, in any format, that mention, reference, or discuss the State Department Office of Inspector General report The Bureau Of Diplomatic Security, Office Of Investigations And Counterintelligence, Divisions Of Special Investigations, Criminal Investigations, And Computer Investigations And Forensics (ISP-I-13-18), and/or any previous drafts of the report, and that were sent to, or sent from, the following individuals: Hillary Rodham Clinton, Cheryl D. Mills, Huma Mahmood Abedin, Jennemaire E. Smith, Lona Valmoro, Joanne Laszczych, Monica Hanley, Robert V. Russo, and Nora F. Toiv.

This should be interesting unless everything get Sharpied out.  The case is  Citizens United v. United States Department of State, Civil Action No. 15-cv-441 (pdf).

Also this:

.

#

U.S. Embassy Uganda Warns of Possible Terrorist Threats to Western Interests

Posted: 9:15 pm PDT

 

Via U.S. Embassy Kampala, March 25, 2015

The U.S Embassy has received information of possible terrorist threats to locations where Westerners, including U.S. citizens, congregate in Kampala, and that an attack may take place soon.  Out of an abundance of caution, the U.S. Mission has cancelled some non-essential events scheduled at local hotels in the coming days.  U.S. citizens staying or visiting hotels should expect increased security sweeps and delays when entering or exiting hotel areas.

#

IT Consultant Using Identity Of Deceased Infant Snagged During Passport Application

Posted: 2:08  am EDT

 

Via USDOJ:

Computer Industry Consultant Convicted For Using Identify Of Deceased Infant

BOSTON – A former Boston computer industry consultant was found guilty following a five-day jury trial on March 6, 2015, of assuming the identity of an infant who died in 1966 and using that identity to obtain a Social Security number.

Steven Nolte, 51, was convicted of passport fraud, aggravated identity theft, and use of a falsely-obtained Social Security number.  U.S. District Court Judge Denise J. Casper scheduled sentencing for May 28, 2015.  He remains detained pending sentencing.

Nolte was born in Arizona in 1963 as Steven Nolte, but in 1997, he assumed the identity of a four-day-old infant who died in 1966.  At the time Nolte adopted this identity, he was in the process of stealing over $571,000 from a real estate company for which he had provided computer consulting services.  Nolte then obtained a passport in the assumed identity and traveled to Costa Rica, where proceeds of the theft had been wire-transferred.  Nolte thereafter traveled extensively in the South Pacific and ultimately settled in the Boston area, where he worked in the computer industry for many years under his assumed identity.  In 1999, he applied for a Social Security number by using the same false identity.  Nolte’s true identity was discovered in May 2012 when he submitted an application for a replacement passport in Boston under his assumed name.  State Department officials realized that the Social Security number Nolte was using had not been issued to Nolte in the assumed name until he supposedly was 33 years old.  Upon further investigation, agents learned of the infant’s death in 1966, and ultimately uncovered Nolte’s true identity.

The charge of making false statements in a passport application provides for no greater than 10 years in prison and three years of supervised release; the charge of using a falsely-obtained Social Security number provides for no greater than five years in prison and three years of supervised release; and the charge of aggravated identity theft provides for a mandatory two years in prison, and one year of supervised release.  All three charges provide for fines of up to $250,000.  Actual sentences for federal crimes are typically less than the maximum penalties.  Sentenced are imposed by a federal district court judge based on the U.S. Sentencing Guidelines and statutory sentencing factors.

United States Attorney Carmen M. Ortiz; David W. Hall, Special Agent in Charge of the U.S. Department of State, Bureau of Diplomatic Security, Boston Field Office; and Scott Antolik, Special Agent in Charge of the Social Security Administration, Office of Inspector General, Office of Investigations, Boston Field Division, made the announcement today.  The case is being prosecuted by Assistant U.S. Attorneys Brian Pérez-Daple and Robert E. Richardson of Ortiz’s Major Crimes Unit.

Original announcement is here.

#

US Embassy Niger: Schools Attended by Official American Dependents Get Armed Guards

Posted: 12:58  am EDT
Updated: 1:49 pm EDT message updated by US Embassy Niamey

 

The U.S. Embassy in Niamey released a Security Message on March 19 informing American citizens in Niger of the change in embassy school policy:

The U.S. Embassy informs U.S. citizens that, due to ongoing security concerns, schools attended by officials of U.S. citizens now require the presence of armed guards.

The U.S. Embassy informs U.S. citizens that, due to ongoing security concerns, schools attended by children of official U.S. citizens now require the presence of armed guards. (updated)

The U.S. Embassy reminds U.S. citizens in Niger to exercise caution, maintain a high level of vigilance, take appropriate steps to increase security awareness, and pay attention to your surroundings at all times.

The Embassy reminds U.S. citizens of the importance of taking precautions that can help you avoid being a target. Please follow these good personal security practices:

Avoid crowds or large gatherings when traveling in public;

Reduce exposure to places where Westerners frequently congregate, such as hotels, restaurants, bars, nightclubs, and grocery stores;

Know where you are going and have an exit plan in the event you encounter demonstrations or violence;

Tell family member, co-workers, or neighbors where you’re going and when you intend to return;

Minimize your profile while in public;

Follow the instructions of local authorities;

Be prepared to postpone or cancel activities for personal safety concerns;

Always carry a cell phone and make sure you have emergency numbers pre-programmed into your phone such as the U.S. Embassy number tel. (227) 20-72-26-61 and the after-hours emergency number, (227) 20-72-31-41.

Niger Map from CIA World Fact Book

Niger Map from CIA World Fact Book

According to the 2014 Crime and Safety report, Niger is rated by the Department of State as High for terrorism and for crime.

  • Its central location and the vast, open Sahara and Sahel Deserts make the transit of terrorists, criminals, weapons, migrants, contraband, and illegal drugs possible.
  • Due to safety and security concerns, the Peace Corps ceased its operations in Niger in January 2011.
  • Embassy Travel Policy (applicable to all U.S. government executive branch travelers under Chief of Mission authority) requires that all travel north of Niamey and east of Zinder be accompanied by an armed security escort, with guards at hotels for overnight stays.

Excerpt from the Crime and Safety Report:

There has been an overall decrease in residential robberies in Niamey. Home invasions and residential robberies occur primarily after dark and can be violent. There have been several incidents in which assailants attacked the residential guard or the occupants of the residence. While thieves typically choose to rob homes that have no residential guard and/or visible residential security measures, there have been several incidents in which assailants attacked the residential guard or the occupants of the residence, including some diplomat and NGO residences. There was an incident at an Embassy residence by a violent individual; the Embassy guard on duty physically protected the residence from intrusion. In addition, there have been numerous cases of commercial and NGO office robberies.

Niger is rated high for terrorism. Niger has experienced terrorism firsthand, mainly in the form of kidnapping-for-ransom (KFR) operations and clashes between the Nigerien military and al-Qai’da in the Lands of the Islamic Maghreb (AQIM) or other terrorist groups in the north. The January 2013 French military intervention in Mali against AQIM and its allies caused terrorist elements to threaten reprisals against countries — including Niger – that participated. In May 2013, AQIM-related forces led by Mokhtar Belmokhtar executed simultaneous suicide attacks with Vehicle Borne Improvised Explosive Devices (VBIED) and dismounted gunmen on a Nigerien military camp in Agadez and a French-owned uranium mine in Arlit.

Boko Haram (BH) has an increasing presence; the group is from northern Nigeria, where the population – mostly Hausa and Kanuri – is essentially identical to that on the Nigerien side of the border. In Nigeria, Boko Haram has attacked government forces, slaughtered civilians, and kidnapped foreigners. Niger, whose population is majority Hausa, has experienced an increase in extremist rhetoric in the south (specifically Diffa), and Boko Haram members have been arrested in Niger.

According to the March 8 update at state.gov, Embassy Niamey is a 30% hardship differential post with zero COLA and zero danger pay.

 #

US Embassy Mali Issues Security Message on La Terrasse Suspects At-Large, Potential Future Attacks

Posted: 12:52  am EDT

 

.

On March 19, the U.S. Embassy in Bamako released a security message to American citizens residing in Mali related to the March 7 attacks:

The U.S. Embassy provides the following information and security guidance to U.S. citizens following the March 7 attacks at La Terrasse.  Malian authorities report that the suspects involved in the attacks are still at-large.  While there are no specific restrictions on public venues, official U.S. government personnel are advised to reduce exposure to places frequented by westerners until the hunt for suspects-at-large is concluded.  As a result of the continuing investigation, Malian and international security forces have developed leads that may indicate potential future attacks in the capital.  Therefore, the U.S. Embassy has reemphasized general security guidance provided earlier this week, and has informed official U.S. government personnel of the following additional measures:

  • The Embassy is in regular communication with the American International School of Bamako (AISB) regarding its security posture, including transport and physical security.
  • Official U.S. government personnel lodging in local hotels will no longer be concentrated into a few hotels.
  • Personal travel by official governmental personnel outside Bamako is prohibited in March and April, at which time the restriction will be reassessed.
  • Additional guidance will be distributed in coming days about possible movement restrictions for official U.S. government personnel around Bamako on the two upcoming holidays, March 26 and April 6.

Although the Embassy is not aware of any specific threat information at this time, Malian security forces continue to show a heavy presence around Bamako, including roadblocks and random police checkpoints, especially from dusk to dawn.  U.S. citizens are reminded to exercise caution, remain vigilant, maintain situational awareness at all times, vary routes, and take appropriate security precautions to ensure their own safety, as should be standard operating procedure at all times.  Ensure your personal communications devices are usable in a crisis, and fully employ any safety measures (locks, grills, alarms, etc.) at your residence.

Mali Map from CIA World Fact Book

Mali Map from CIA World Fact Book

The 2014 Crime and Safety Report for Mali notes the following:

Despite the significant successes of French offensive and counterterrorist operations, military operations continue to take place in the northern region of the country based on the persistent presence of extremist and militant factions and their capabilities to target Malian and western targets, including UN and French assets. Although the security situation in Bamako remains relatively static, there are continued concerns that Bamako remains a viable target for these groups. In January 2014, extremist leader Mokhtar Belmokhtar reemphasized his pledge to target France and its allies in Mali in retaliation for Operation Serval. Violent extremist elements have demonstrated their ability to carry out a variety of different operations in northern Mali, including vehicle-borne and person-borne improvised explosive devices (VBIED and PBIED); armed assaults; indirect fire and hand grenade attacks; and other attacks against foreign nationals, including kidnappings. Training camps and weapons caches continue to be discovered. Two French journalists were kidnapped then killed in November 2013 in the Kidal region.

Americans are currently warned against all travel to Mali because of ongoing fighting in the country, fluid political situations, and continuing threat of attacks and kidnappings of Westerners. While the security situation in Bamako has remained relatively stable, security concerns and military operations continue throughout parts of the country. U.S. citizens who are in country are urged to exercise caution, be particularly alert to their surroundings, and exercise prudence if choosing to visit locations frequented by Westerners in and around Bamako.

According to the state.gov update dated March 8, 2015,  Embassy Bamako is a 10% COLA, 10% danger and 25% hardship differential post.

#

US Embassy Tokyo: Consular Section Contributes to Flowers Will Bloom Project

Posted: 12:19 am  EDT

 

Via US Embassy Tokyo

“The American Embassy offers its continued sympathy and support for the victims of the 3.11 Triple Disaster, and is pleased and proud to contribute to the Flowers Will Bloom project. Here, staff from our consular section offer their version of the Flowers Will Bloom, highlighted by photos of Ambassador Kennedy’s visits to Tohoku in 2013 and 2014.”

The triple disaster of the earthquake, tsunami, and Fukushima nuclear plant breakdown struck Japan on March 11, 2011.

 

 

Embassy Tokyo and USCG Okinawa are currently in the front pages due to media reports that both Ambassador Kennedy and Consul General Alfred Magleb had been the objects of death threats in telephone calls last month. We don’t know why the news are just showing up now.

The Consular Section in Naha serves a large number of American military personnel and their families stationed on Okinawa. According to the Consulate General, its staff includes a 10-person consular team looking after Americans in need of passports (over 5,000 per year), reports of birth abroad (well above 1,000 annually), and other U.S. citizen services.

According to a 2014 CRS report, the Japanese archipelago serves as the most significant forward-operating platform for the U.S. military in the region; approximately 53,000 military personnel (39,000 onshore and 14,000 afloat in nearby waters), 43,000 dependents, and 5,000 Department of Defense civilian employees live in Japan.  It also notes that about 25% of all facilities used by U.S. Forces Japan and about half of the U.S. military personnel are located in Okinawa, which comprises less than 1% of Japan’s total land area.

#

Ambassador Mark Lippert tweets, “doing well & in great spirits …”

Posted: 11:04 EST

 

 

More details from Reuters and Voice of America below:

  • Ambassador Lippert was attacked and  slashed in the face by a Korean nationalist at about 7:40 a.m. local time Thursday (2240 GMT Wednesday) at a forum hosted by the Korean Council for Reconciliation and Cooperation in Seoul.  The attack took place in a government arts centre across the street from the heavily guarded US embassy.
  • He was treated at Yonsei University’s Severance Hospital where he underwent a two and a half hour surgery that required 80 stitches.
  • A small fruit knife  was used in the attack.
  • The attack resulted on a gash on the ambassador’s face measuring 11 centimeters (4 inches) long and 3 centimeters (1 inch) deep, located from his right cheekbone to jaw on the right side of his face and a puncture wound on his left wrist, causing nerve damage that was repaired.  There was reportedly no major damage to his facial nerves or salivary glands. Reports say he will be hospitalised for three or four days.
  • The forum organizer denied that the alleged assailant was a member. “Kim was able to gain admittance by taking advantage of a bureaucratic oversight, saying he was from an old group that no longer exists but remains on the organization’s list.  He said it was an annual event and there had been no such incident like this in past, so they did not request extra police presence.” The assailant who was caught and identified also tried to attacked the Japanese ambassador to South Korea in 2010 by throwing a piece of concrete. He was reportedly given a suspended jail term for that incident.

 #

Related post:

U.S. Ambassador to South Korea Mark Lippert injured in attack by armed assailant (updated)

Have Brawn, Endurance and Wanna See the World? Uncle Ben Wants You!

Posted: 14:06 EST

 

The Department of State is developing a rank-order Register to fill a limited number of Foreign Service Diplomatic Courier vacancies.  Couriers are responsible for the security of the Department of State’s Courier-accompanied diplomatic pouch operations worldwide. The job is physically exacting and couriers spend a substantial portion of their careers living and working overseas in a nearly constant travel status using conveyances to include passenger and cargo aircraft, trucks, trains, and ships.

It is important that a Diplomatic Courier has the physical endurance to withstand the challenging physical stresses from working long hours, lack of sleep, extremes of heat or cold, and other discomforts. A Diplomatic Courier must have the physical strength to lift and move heavy items such as diplomatic pouches and crates that may be oversized and weigh as much as 70 lbs or carry heavy equipment.

Some essential functions of the job have a physically demanding component. For instance, a Diplomatic Courier is required to perform work that requires regular and recurring periods of prolonged sitting, standing, bending, and stretching. A Diplomatic Courier is often required to physically move and transport heavy diplomatic pouches. That could involve climbing ladders and working in and around aircraft, trucks, trains, aboard ships, etc. Other essential duties of the job may involve assisting with the recurring lifting of heavy diplomatic pouches and boxes. Related activities include crawling, maneuvering, and working in cramped spaces as well as the occasional moving and transporting of diplomatic pouches that may weigh as much as 70 lbs.

In addition, candidates must have vision that is correctable to 20/20 in one eye and 20/40 in the other, no color blindness, adequate night vision and good peripheral vision. Candidates must have good hearing with no loss of greater than 30 decibels at 500, 1000, 2000 Hz level. The musculoskeletal system should have no deformities, diseases or limiting conditions that would interfere with the performance of duties.

The Office of Medical Services will conduct or arrange for a physical examination of each applicant offered a position to ensure that the candidate meets the physical and medical requirements necessary to perform the essential functions of the job and can meet the standards required for a worldwide medical clearance.

Applicants must be available for worldwide service, and be able to tolerate intensive world travel, living away from family, and working and living in difficult and / or isolated conditions.

 

According to State Department statistics, the agency has 102 full time, permanent couriers as of March 2013.  The largest population of couriers is in the FS-04 level, a couple is in the Senior Foreign Service.

Applicants must be U.S. citizens between the ages of 20 and 59 and posses a valid U.S. driver’s license. Education and experience qualifications must be met. Male candidates must also be in compliance with the Selective Service Act.  This is an FP-06 job with an annual salary of $39,166-$57,517.  Application deadline coming up. See more at careers.state.gov.

* * *

State Dept Suspends US Embassy Yemen Operations, Relocates Staff Until Further Notice

Posted: 00:46 EST
Updated 2/14/15 11:47 PST

 

The State Department suspended embassy operations at the U.S. Embassy in Sanaa, Yemen and American staff were relocated out of the country according to the February 11, 2015  Travel Warning released late tonight. Embassy Sanaa had previously announced the suspension of all consular services until further notice on February 8.

On February 11, 2015, due to the deteriorating security situation in Sanaa, the Department of State suspended embassy operations and U.S. Embassy Sanaa American staff were relocated out of the country. All consular services, routine and/or emergency, have been suspended until further notice. The Department urges U.S. citizens to defer travel to Yemen and those U.S. citizens currently living in Yemen to depart. This supersedes the Travel Warning for Yemen issued on September 25, 2014.

The level of instability and ongoing threats in Yemen remain extremely concerning, and there are no plans for a U.S. government-sponsored evacuation of U.S. citizens at this time. We encourage U.S. citizens wishing to depart to do so via commercial transportation options. If you wish to depart Yemen, you should make plans to depart as soon as possible. Airports may experience unexpected closures with little to no warning and access to the airport also may be cut off if the security situation deteriorates. All U.S. citizens in need of emergency assistance should contact a U.S. embassy or consulate in a neighboring country. For U.S. citizen inquiries, you may send an email to YEMENEMERGENCYUSC@state.gov.

The announcement followed a whirl of rumors surrounding the suspension of operations at Embassy Sana’a in less than 24 hours.

 

.

.

Apparently, the Houthi leader was not happy about this possible closure (technically a suspension of operations since the US has not terminated diplomatic relations with Yemen):

.

 

It’s just a slogan, really?

 

The British ambassador to Yemen:

 

Whoa, a practice siege?

 

.

 

And just like the suspension of operations at US Embassy Tripoli, this, too, unfolded on social media:

 

.

 

Around dinner time EST, the AP confirmed the suspension of operations in Sanaa and the evacuation of staff due to security concerns:

* * *

Update:

State Department’s Computer Systems Hacked, 5th Known Agency Breach This Year?

– Domani Spero

 

Just the bit of bad news you don’t need to start your Monday:

 

Below via WaPo:

The State Department did not seek to publicize that it had been hacked. On Friday, it announced that “maintenance” would be done to the unclassified network during a routine, scheduled outage. But on Sunday, after the Associated Press first reported the breach, officials acknowledged they had found traces of suspicious activity in their system and were updating security in the middle of a scheduled outage. In a sign of how complete the shutdown was, duty officers were using Gmail accounts.

A senior State Department official, who spoke on the condition of anonymity to discuss the breach, also told WaPo that “none of the department’s classified systems were compromised.”

Would State report publicly the classified intrusion if those systems were compromised?

This report follows the confirmation of a hack at the National Oceanic and Atmospheric Administration which reportedly forced cybersecurity teams to seal off data vital to disaster planning, aviation, shipping, etc. this past September, the reported breach of the computer networks of the United States Postal Service, compromising the data of more than 800,000 employees and a breach at the White House.  In June this year, the WSJ also reported the breach of computer systems at the Office of Personnel Management, which stores data on federal employees.

An unnamed official told nextgov.com that State is bolstering the security “of its main unclassified network during a scheduled outage of some Internet-linked systems.” The site, nextgov.com says it is “unclear why officials waited until this weekend to disconnect potentially infected systems at State.”

As of this writing, the State Department’s mobile access (go.state.gov) is down with the following notice: “The Department is currently experiencing an ongoing, planned outage to upgrade our network.  during this event, mobile access (GO) will be unavialable.  We apologize for any inconvenience this may cause you.  For questions or more information, please contact the IT Service Center at 202-647-2000.”

We understand that GO will be down until further notice and may need to be rebuilt. A mobile copy is currently live at http://m.state.gov.

* * *

In totally unrelated news, and nothing/nothing whatsoever to do with this reported hack — State/OIG on November 7, published its Audit of Department of State Information Security Program.  The report is readable if you don’t mind the redacted parts:

Screen Shot 2014-11-15 at 11.11.19 AM

Below is an excerpt:

Information technology security controls are important to protect confidentiality, integrity, and availability of information and information systems. When they are absent or deficient, information becomes vulnerable to compromise.[REDACTED]
[…]
Although we acknowledge the Department’s actions to improve its information security program, we continue to find security control deficiencies in multiple information security program areas that were previously reported in FY 2010, FY 2011, FY 2012, and FY 2013. Over this period, we consistently identified similar control deficiencies in more than 100 different systems. As a result, the OIG issued a Management Alert in November 2013 titled “OIG Findings of Significant and Recurring Weaknesses in the Department of State Information System Security Program” that discussed significant and recurring control weaknesses in the Department’s Information System Security Program [REDACTED B(5)]

The FY 2013 FISMA audit report contained 29 recommendations intended to address identified security deficiencies. During this audit, we reviewed corrective actions taken by the Department to address the deficiencies reported in the FY 2013 FISMA report. Based on the actions taken by the Department, OIG closed 4 of 29 recommendations from the FY 2013 report.
[…]
We identified control deficiencies in all [Redacted] (b) (5)  of the information security program areas used to evaluate the Department’s information security program. Although we recognize that the Department has made progress in the areas of risk management, configuration management, and POA&M since FY 2013, we concluded that the Department is not in compliance with FISMA, OMB, and NIST requirements. Collectively, the control deficiencies we identified during this audit represent a significant deficiency to enterprise-wide security, as defined by OMB Memorandum M-14-04.
[…]
Although we found the Department’s Computer Incident Response Team (CIRT) Standard Operating Procedures aligned with NIST SP 800-61, Revision 2,39 procedures do not clearly state all the bureaus, offices, and organizations that require notification prior to closing an incident. As a result, DS/SI/CS did not report all incidents to the U.S. Computer Emergency Readiness Team (US-CERT) as required. Specifically, 1 out of 22 (5 percent) security incidents we tested was not reported to the US-CERT, even though it was a Category 4 incident and involved potential classified spillage. If the Department does not report data spillage incidents (potential or confirmed) to US-CERT within the established timeframes, US-CERT may not be able to help contain the incident and notify appropriate officials within the allotted timeframe.

According to State/OIG, Category 4 incidents are incidents involving improper usage of Department systems or networks (that is, a person that violates acceptable computing use policies).

According to OMB Memorandum M-14-04, a significant deficiency is defined as a weakness in an agency’s overall information systems security program or management control structure, or within one or more information systems that significantly restricts the capability of the agency to carry out its mission or compromises the security of its information, information systems, personnel, or other resources, operations, or assets. via

 * * *

Related item:

Audit of Department of State Information Security Program; Published On: November 07, 2014; Report Date: November 2014; Report Number: AUD-IT-15-17; View Report: aud-it-15-17.pdf