White House slow to implement cybersecurity recommendations, GAO says

GAO report says vacancy in cyber czar post hampered strategy

The White House is slow to implement its national cybersecurity strategy, partly because of a seven-month delay in filling the job of national cyber coordinator, a new report from the Government Accountability Office states.

President Barack Obama’s national cyber policy review in May 2009 included 24 recommendations, including the need for a national cyber coordinator. The president named Howard Schmidt as White House Cybersecurity Coordinator last December.

The administration has fully implemented two of the 24 recommendations and partially implemented 22 of them, David Powner, director of information technology management issues at GAO, wrote in a report released Oct. 6.


Related stories:

Cyber chief slams security efforts

White House just getting started on cybersecurity


For example, some progress has been to build a cybersecurity-based identity management vision and strategy that deals with privacy and civil liberties, the report said. In June the administration released a draft National Strategy for Trusted Identities in Cyber Space.

The White House Office of Science and Technology Policy is developing a framework for cybersecurity research and development, but it will not be final until 2011.

GAO said implementation has been hampered because of the seven-month vacancy in the cyber coordinator position, and as a result agency leaders have not been assigned roles and responsibilities for carrying out the cybersecurity policy.

Although federal officials claim to be moving on the strategy, GAO said there are no benchmarks, plans or schedules that show how and when 16 of the 22 recommendations will be completed.

“Consequently, until roles and responsibilities are made clear and the schedule and planning shortfalls identified above are adequately addressed, there is increased risk the recommendations will not be successfully completed, which would unnecessarily place the country’s cyber infrastructure at risk,” Powner concluded.

The auditing agency made two recommendations: to assign roles and responsibilities, and to develop milestones for implementing the 16 recommendations from the president’s review of 2009.

Schmidt, in responding to a draft copy of the report, did not offer comments except to cite additional progress made by his office on several fronts. He said there were significant gains made in a national cyber research and development strategy completed in May, and there was a National Initiative for Cybersecurity Education held in August.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected