White House slow to implement cybersecurity recommendations, GAO says

GAO report says vacancy in cyber czar post hampered strategy

The White House is slow to implement its national cybersecurity strategy, partly because of a seven-month delay in filling the job of national cyber coordinator, a new report from the Government Accountability Office states.

President Barack Obama’s national cyber policy review in May 2009 included 24 recommendations, including the need for a national cyber coordinator. The president named Howard Schmidt as White House Cybersecurity Coordinator last December.

The administration has fully implemented two of the 24 recommendations and partially implemented 22 of them, David Powner, director of information technology management issues at GAO, wrote in a report released Oct. 6.


Related stories:

Cyber chief slams security efforts

White House just getting started on cybersecurity


For example, some progress has been to build a cybersecurity-based identity management vision and strategy that deals with privacy and civil liberties, the report said. In June the administration released a draft National Strategy for Trusted Identities in Cyber Space.

The White House Office of Science and Technology Policy is developing a framework for cybersecurity research and development, but it will not be final until 2011.

GAO said implementation has been hampered because of the seven-month vacancy in the cyber coordinator position, and as a result agency leaders have not been assigned roles and responsibilities for carrying out the cybersecurity policy.

Although federal officials claim to be moving on the strategy, GAO said there are no benchmarks, plans or schedules that show how and when 16 of the 22 recommendations will be completed.

“Consequently, until roles and responsibilities are made clear and the schedule and planning shortfalls identified above are adequately addressed, there is increased risk the recommendations will not be successfully completed, which would unnecessarily place the country’s cyber infrastructure at risk,” Powner concluded.

The auditing agency made two recommendations: to assign roles and responsibilities, and to develop milestones for implementing the 16 recommendations from the president’s review of 2009.

Schmidt, in responding to a draft copy of the report, did not offer comments except to cite additional progress made by his office on several fronts. He said there were significant gains made in a national cyber research and development strategy completed in May, and there was a National Initiative for Cybersecurity Education held in August.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.