Charbo said he and department officials were still reviewing the draft version of that report but were prepared to address the weaknesses by year's end.
On a broader level, Charbo said he realizes the agency has improvements to make but urged the politicians not to overlook what he called "significant progress" during the past few years. For instance, it has "remediated" 7,000 weaknesses identified by auditors and has certified that 95 percent of its systems have appropriate controls in place--compared with only 26 percent in October 2005.
Others questioned whether the department has been dedicating enough of its overall tech budget to security. According to Homeland Security, it spent $12.5 million in 2004, $17.5 million in 2005, and $15 million in 2006 and 2007. Charbo justified those expenditures by saying they reflected "our strategic security plan."
The lone Republican present at the hearing, subcommittee co-chairman Michael McCaul (R-Texas), said he and others were considering introducing legislation that would force Homeland Security to come up with a "national strategic threat assessment" regarding U.S. cybersecurity.
"This has never been done, it's long overdue, and the nation needs this to protect it," he said, adding that he feared a devastating cyberattack could be worse than the "effects of a weapon of mass destruction."