U.S. approach to global cybersecurity falls short, GAO says

Recommends White House improve interagency coordination

The Obama administration should take steps to improve and better coordinate the United States’ approach to international cyberspace policy, the Government Accountability Office has said.

According to a report released today by GAO, global aspects of cyberspace “present key challenges to U.S. policy.” GAO said U.S. involvement in the many organizations that are involved in developing international agreements and standards “is essential to promoting our national and economic security to the rest of the world.”

U.S. law enforcement attempts to prosecute cyber crime have been complicated by differing legal systems and the United States has been unable to define cyberspace-related norms that may be necessary for guiding incident response, the auditors found. GAO said “challenges in U.S. leadership, strategy, and coordination have hampered the nation’s ability to promote cyberspace-related technical standards and policies and establish global cyber incident response capabilities consistent with our national economic and national security interests.”


Related Story:

Do we need a U.N. cybersecurity council?


GAO identified 19 organizations considered by experts as key for global cyberspace policy. The organizations that are identified vary in scope and purpose, and include the European Union, the United Nations, the Internet Engineering Task Force, and the North Atlantic Treaty Organization.

Auditors also identified multiple U.S. government organizations that participate in programs that can affect cyberspace policy and governance. The organizations that are involved include the National Security Council, as well as the Commerce, State, Defense, Justice and Homeland Security departments.

GAO said the government faces several impediments to formulating and putting in place a coherent approach to addressing the global aspects of cyberspace that include:

  • Providing top level leadership.
  • Developing a coherent and comprehensive strategy.
  • Coordinating across all relevant federal entities.
  • Ensuring cyber space-related technical standards and policies don’t put unnecessary barriers on U.S. trade.
  • Participating in international response for cyber incidents.
  • Differing legal systems and enforcing U.S. criminal and civil laws.
  • Defining international norms for cyber space.

“Until these challenges are addressed, the United States will be at a disadvantage in promoting its national interests in the realm of cyberspace,” the report said.

GAO recommended White House Cybersecurity Coordinator Howard Schmidt:

  • Make recommendations agencies and coordination committees about necessary changes to more effectively coordinate and develop a coherent national approach to cyberspace policy.
  • Develop with relevant federal agencies, a comprehensive U.S. global cyberspace strategy.
  • Enhance the interagency coordination mechanisms.
  • Work with DHS, State and other organizations to establish protocols for working on cyber incident response globally.
  • Determine with Defense, State and others which, if any, cyberspace norms should be defined to support U.S. interests in cyberspace.

GAO said that in response to a draft of the report, Schmidt and his staff generally concurred with the auditors’ recommendations and stated actions they’ve already taken to deal with them.

However, regarding GAO’s findings and conclusions, GAO said Schmidt and his staff said the report doesn’t fully portray their leadership, efforts to develop a strategy, or improvements made in interagency coordination. The administration officials emphasized their engagement in establishing bilateral relationships with foreign countries and continued improved coordination.

About the Author

Ben Bain is a reporter for Federal Computer Week.

Featured

  • Management
    people standing on keyboard (Who is Danny/Shutterstock.com)

    OPM-GSA merger plan detailed in legislative proposal

    The White House is proposing legislation for a dramatic overhaul of human resources inside government and wants $50 million to execute the plan.

  • Cloud
    cloud applications (chanpipat/Shutterstock.com)

    GSA plans civilian DEOS counterpart

    GSA is developing a cloud email and enterprise services contract inspired by the single-source vehicle the Department of Defense devised for back-office software.

  • Defense
    software (whiteMocca/Shutterstock.com)

    DOD looks to unify software spending for 2020

    Defense Department acquisition head, Ellen Lord, hopes to simplify software buying and improve business systems following the release of the Defense Innovation Board's final software acquisition study.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.