White House slow to implement cybersecurity recommendations, GAO says

GAO report says vacancy in cyber czar post hampered strategy

The White House is slow to implement its national cybersecurity strategy, partly because of a seven-month delay in filling the job of national cyber coordinator, a new report from the Government Accountability Office states.

President Barack Obama’s national cyber policy review in May 2009 included 24 recommendations, including the need for a national cyber coordinator. The president named Howard Schmidt as White House Cybersecurity Coordinator last December.

The administration has fully implemented two of the 24 recommendations and partially implemented 22 of them, David Powner, director of information technology management issues at GAO, wrote in a report released Oct. 6.


Related stories:

Cyber chief slams security efforts

White House just getting started on cybersecurity


For example, some progress has been to build a cybersecurity-based identity management vision and strategy that deals with privacy and civil liberties, the report said. In June the administration released a draft National Strategy for Trusted Identities in Cyber Space.

The White House Office of Science and Technology Policy is developing a framework for cybersecurity research and development, but it will not be final until 2011.

GAO said implementation has been hampered because of the seven-month vacancy in the cyber coordinator position, and as a result agency leaders have not been assigned roles and responsibilities for carrying out the cybersecurity policy.

Although federal officials claim to be moving on the strategy, GAO said there are no benchmarks, plans or schedules that show how and when 16 of the 22 recommendations will be completed.

“Consequently, until roles and responsibilities are made clear and the schedule and planning shortfalls identified above are adequately addressed, there is increased risk the recommendations will not be successfully completed, which would unnecessarily place the country’s cyber infrastructure at risk,” Powner concluded.

The auditing agency made two recommendations: to assign roles and responsibilities, and to develop milestones for implementing the 16 recommendations from the president’s review of 2009.

Schmidt, in responding to a draft copy of the report, did not offer comments except to cite additional progress made by his office on several fronts. He said there were significant gains made in a national cyber research and development strategy completed in May, and there was a National Initiative for Cybersecurity Education held in August.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.