GAO: DHS has 'major tasks' to do in cybersecurity

Related Links

A work in progress

A new Government Accountability Office report recognizes the efforts the Homeland Security Department has made to strengthen its responsibilities for enhancing the cybersecurity of critical infrastructures. But GAO said major tasks remain to be done.

The report was included as testimony by David Powner, director of information technology management issues at GAO, when he appeared before the House Homeland Security Committee’s Economic Security, Infrastructure Protection and Cybersecurity Subcommittee Sept. 13.

In its report, GAO states that in 2005 DHS had pinpointed 13 key cybersecurity responsibilities without fully addressing any of them. For example, DHS established forums to foster information sharing among federal and law enforcement officials “but had not developed national threat and vulnerability assessments for cybersecurity.”

GAO acknowledged that some progress has been made since then in all 13 categories, including DHS’ release of a National Infrastructure Protection Plan, but the department still has not completed any of them.

GAO said DHS’ initiatives this year to develop an integrated public/private plan for Internet recovery were not complete or comprehensive. Moreover, many of the efforts of the working groups DHS established to facilitate coordination and practice responding to cyber events “lacked time frames for completion, and the relationships among its various initiatives were not evident.”

GAO also took note of the number of senior DHS cybersecurity officials who have left the department. The newly created position of assistant secretary of cybersecurity and telecommunications has been unfilled for a year.

George Foresman, DHS’ undersecretary for preparedness, told the subcommittee the department has a strong potential candidate for that job and would possibly bring that person forward soon, pending a security clearance.

GAO noted that it has made about 25 recommendations to DHS in the past several years. It has suggested that the department conduct threat and vulnerability assessments and develop a strategic analysis and warning capability for identifying potential cyberattacks.

“Until they are addressed,” the report states, “DHS will have difficulty achieving results as the federal cybersecurity focal point.”

About the Author

David Hubler is the former print managing editor for GCN and senior editor for Washington Technology. He is freelance writer living in Annandale, Va.

Featured

  • Cybersecurity
    CISA chief Chris Krebs disusses the future of the agency at Auburn University Aug. 22 2019

    Shared services and the future of CISA

    Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.

  • Telecom
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA softens line on looming EIS due date

    Think of the September deadline for agencies to award contracts under the General Services Administration's $50-billion telecommunications contract as a "yellow light," said GSA's telecom services director.

  • Defense
    Shutterstock photo id 669226093 By Gorodenkoff

    IC looks to stand up a new enterprise IT program office

    The intelligence community wants to stand up a new program executive office to help develop new IT capabilities.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.