Hon. Ginny Brown-Waite, Ranking Republican Member, and a Representative in Congress from the State of Florida
Thank you, Mr. Chairman.
Our hearing today, as the Chairman indicated, is to learn more about the Information Security Management at the Department of Veterans Affairs, in particular, the current effectiveness of information security at the Department, and the need for cultural change.
Since the data breach of May 2006, the second largest in the nation and the largest in the federal government, we have seen the VA’s centralization of the VA’s information management, including information security. I appreciate the Secretary’s desire to make the VA the “Gold Standard” for information technology and information security management in the federal government. From what we have seen, adherence to the Federal Information Security Management Act (FISMA) has not been adequately addressed government-wide, as Congress intended when writing the law. This is why our Committee worked so hard last Congress to pass measures such as H.R. 5835, and the final version of S. 3421, which became Public Law 109-461. We have tried to give the Department, and in particular, the Secretary, the tools he needs to mandate change within the entire department to make certain that such security breaches are few, if any.
I have served on this Committee for four years, and recently been selected as the Ranking Republican Member of this Subcommittee. Over the years, I have seen the lack of resolve within the underlying culture at the Department, particularly at the facility level, to change the way senior management view IT security. It is sometimes difficult to embrace change, and this is what we need to address in this hearing. In order to protect our veterans, and provide them with the services they need, we need to remove that cultural predilection against change.
I appreciate the witnesses who have come to this hearing, particularly those who have traveled a distance to be here, and I look forward to hearing your testimony.
Thank you Mr. Chairman, and I yield back my time.