GAO: DOD should reassess security of command center
- By Alice Lipowicz
- Sep 22, 2008
The Defense Department consolidated two command centers into a single integrated center although DOD may have overlooked some security concerns for the new center, according to a new report from the Government Accountability Office.
DOD began plans to combine the command centers in 2005 after a disaster drill, the GAO said. The goal is to enable better decision-making by reducing the delays and lack of coordination involved with two separate command centers.
Officials relocated the North American Aerospace Defense (NORAD) Command’s command center, formerly located at Cheyenne Mountain, to be combined with the command center of the Northern Command (NORTHCOM) at Peterson Air Force Base, Colo. The new integrated center began operations in May.
However, DOD officials did not fully consider key threats to the new center in its security planning and understated the security issues surrounding the relocation, Davi D’Agostino, director of defense capabilities and management for GAO, wrote in the report, which was released Sept 18.
As a result, the GAO is recommending a redo of the security assessment. “We are recommending that the commander of NORAD and USNORTHCOM re-evaluate the full spectrum of security vulnerabilities associated with moving the NORAD Command Center and related functions from Cheyenne Mountain to Peterson AFB, and that the commander certify that he is fully aware of and accepts all of the risks,” the report said.
Defense officials disagreed with the GAO findings; however, in a second letter to the GAO, received on Aug. 29, DOD officials said they have put together a new security team to address the concerns. GAO said it did not have time to evaluate the new team.
Gen. Gene Renuart, commander of NORTHCOM and NORAD, said the new command center is providing capabilities that were not possible before. To ensure its security, Renuart said he has implemented “enhanced force protection measures” and “multiple nodes of command and control” at the new center.
“Redundant and distributed nodes provide the guarantee that there is no single point of failure in our mission responsibilities,” Renuart said in a statement.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.