During the past several years, federal agencies have spent immense amounts of time and money trying to make their computer systems safe and secure from unauthorized use or intentional damage. These efforts are laudable, and much progress has been made to protect the national information technology infrastructure from malefactors of various sorts. There is, however, one significant area in which substantially more progress is needed: encouraging government contractors to establish and maintain meaningful computer security procedures. Full Story