recommended reading

DHS Misses Congressional Due Date to Show That Port ID Cards Work

A dock worker communicates on a walkie-talkie while a ship to shore crane loads containers onto a ship at the Georgia Ports Authority Garden City terminal.

A dock worker communicates on a walkie-talkie while a ship to shore crane loads containers onto a ship at the Georgia Ports Authority Garden City terminal. // Stephen B. Morton/AP

The Homeland Security Department has missed a congressionally ordered April 17 deadline to show that a half-billion dollar program for distributing maritime employee identification smartcards and scanners has actually protected vulnerable port areas. 

DHS officials told Nextgov that an assessment of the effectiveness of the Transportation Worker Identification Credential program is still in draft form. 

Last May, federal watchdogs recommended lawmakers repeal a law requiring employees to swipe the TWIC cards until the Transportation Security Administration produced the study. January 17 funding legislation expressing the intent of Congress incorporated some of the advice. Lawmakers instructed TSA to file such an assessment within 90 days. 

This week, the auditors, who work for the Government Accountability Office, testified before senators that, as of March, "TSA had no estimate for when the effectiveness assessment would be completed." 

TSA spokesman Ross Feinstein said on Thursday night, "Currently, the TWIC security assessment is in draft and is awaiting sign off from TSA and U.S. Coast Guard."

DHS has been preparing to expand TWIC nationwide at a projected cost of $3 billion, plus $234.2 million to hook up card scanners. 

Agency officials have said they see the credentials as worthwhile but would consider trying other technologies. 

“It’s not a silver bullet. It’s part of our layered security,” Steve Sadler, TSA’s assistant administrator for intelligence and analysis, told House members last year. “I think it provides value when it’s used properly and installed properly.”

The lawmakers wanted him to weigh a different approach, such as the "common access card," which functions as a standard military ID, or an arrangement in which local ports issue credentials.

Sadler replied at the time that TSA would look at any alternatives to enhance results.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.