White House slow to implement cybersecurity recommendations, GAO says

GAO report says vacancy in cyber czar post hampered strategy

The White House is slow to implement its national cybersecurity strategy, partly because of a seven-month delay in filling the job of national cyber coordinator, a new report from the Government Accountability Office states.

President Barack Obama’s national cyber policy review in May 2009 included 24 recommendations, including the need for a national cyber coordinator. The president named Howard Schmidt as White House Cybersecurity Coordinator last December.

The administration has fully implemented two of the 24 recommendations and partially implemented 22 of them, David Powner, director of information technology management issues at GAO, wrote in a report released Oct. 6.


Related stories:

Cyber chief slams security efforts

White House just getting started on cybersecurity


For example, some progress has been to build a cybersecurity-based identity management vision and strategy that deals with privacy and civil liberties, the report said. In June the administration released a draft National Strategy for Trusted Identities in Cyber Space.

The White House Office of Science and Technology Policy is developing a framework for cybersecurity research and development, but it will not be final until 2011.

GAO said implementation has been hampered because of the seven-month vacancy in the cyber coordinator position, and as a result agency leaders have not been assigned roles and responsibilities for carrying out the cybersecurity policy.

Although federal officials claim to be moving on the strategy, GAO said there are no benchmarks, plans or schedules that show how and when 16 of the 22 recommendations will be completed.

“Consequently, until roles and responsibilities are made clear and the schedule and planning shortfalls identified above are adequately addressed, there is increased risk the recommendations will not be successfully completed, which would unnecessarily place the country’s cyber infrastructure at risk,” Powner concluded.

The auditing agency made two recommendations: to assign roles and responsibilities, and to develop milestones for implementing the 16 recommendations from the president’s review of 2009.

Schmidt, in responding to a draft copy of the report, did not offer comments except to cite additional progress made by his office on several fronts. He said there were significant gains made in a national cyber research and development strategy completed in May, and there was a National Initiative for Cybersecurity Education held in August.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Management
    people standing on keyboard (Who is Danny/Shutterstock.com)

    OPM-GSA merger plan detailed in legislative proposal

    The White House is proposing legislation for a dramatic overhaul of human resources inside government and wants $50 million to execute the plan.

  • Cloud
    cloud applications (chanpipat/Shutterstock.com)

    GSA plans civilian DEOS counterpart

    GSA is developing a cloud email and enterprise services contract inspired by the single-source vehicle the Department of Defense devised for back-office software.

  • Defense
    software (whiteMocca/Shutterstock.com)

    DOD looks to unify software spending for 2020

    Defense Department acquisition head, Ellen Lord, hopes to simplify software buying and improve business systems following the release of the Defense Innovation Board's final software acquisition study.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.