Information sharing (1 - 10 of 88 items)
Electricity: Federal Efforts to Enhance Grid Resilience
GAO-17-153: Published: Jan 25, 2017. Publicly Released: Feb 24, 2017.
The Department of Energy (DOE), the Department of Homeland Security (DHS), and the Federal Energy Regulatory Commission (FERC) reported implementing 27 grid resiliency efforts since 2013 and identified a variety of results from these efforts. The efforts addressed a range of threats and hazards—including cyberattacks, physical attacks, and natural disasters—and supported different types of act...
Cybersecurity: DHS's National Integration Center Generally Performs Required Functions but Needs to Evaluate Its Activities More Completely
GAO-17-163: Published: Feb 1, 2017. Publicly Released: Feb 1, 2017.
The National Cybersecurity and Communications Integration Center (NCCIC) of the Department of Homeland Security (DHS) has taken steps to perform each of its 11 statutorily required cybersecurity functions, such as being a federal civilian interface for sharing cybersecurity-related information with federal and nonfederal entities. It manages several programs that provide data used in developing 43...
Cultural Property: Protection of Iraqi and Syrian Antiquities
GAO-16-673: Published: Aug 15, 2016. Publicly Released: Aug 15, 2016.
U.S. agencies and the Smithsonian Institution (Smithsonian) have undertaken five types of activities to protect Iraqi and Syrian cultural property since 2011, which include awareness raising, information sharing, law enforcement, overseas capacity building, and destruction prevention. For example, the Department of Homeland Security reported coordinating with the Federal Bureau of Investigation an...
Emergency Communications: Effectiveness of the Post-Katrina Interagency Coordination Group Could Be Enhanced
GAO-16-681: Published: Jul 14, 2016. Publicly Released: Aug 15, 2016.
Implementation of the Post-Katrina Emergency Management Reform Act of 2006 (PKEMRA) provisions related to emergency communications planning and federal coordination has enhanced federal support for state and local efforts; however, federal coordination could be improved. PKEMRA created within the Department of Homeland Security (DHS) the Office of Emergency Communications, which has taken a number...
Critical Infrastructure Protection: DHS Has Made Progress in Enhancing Critical Infrastructure Assessments but Additional Improvements are Needed
GAO-16-791T: Published: Jul 12, 2016. Publicly Released: Jul 12, 2016.
GAO's prior work has shown the Department of Homeland Security (DHS) has made progress in addressing barriers to conducting voluntary assessments but guidance is needed for DHS's critical infrastructure (CI) vulnerability assessments activities and to address potential duplication and gaps. For example:Determining why some industry partners do not participate in voluntary assessments . In May 201...
Visa Waiver Program: DHS Should Take Steps to Ensure Timeliness of Information Needed to Protect U.S. National Security
GAO-16-498: Published: May 5, 2016. Publicly Released: Jun 6, 2016.
All 38 countries participating in the Visa Waiver Program (VWP) have entered into required agreements, or their equivalents, to (1) report lost and stolen passports, (2) share identity information about known or suspected terrorists, and (3) share criminal history information. However, not all countries have shared information through the agreements. The Department of Homeland Security (DHS) repor...
Information Security: DHS Needs to Enhance Capabilities, Improve Planning, and Support Greater Adoption of Its National Cybersecurity Protection System
GAO-16-294: Published: Jan 28, 2016. Publicly Released: Jan 28, 2016.
The Department of Homeland Security's (DHS) National Cybersecurity Protection System (NCPS) is partially, but not fully, meeting its stated system objectives:Intrusion detection: NCPS provides DHS with a limited ability to detect potentially malicious activity entering and exiting computer networks at federal agencies. Specifically, NCPS compares network traffic to known patterns of malicious data...
Critical Infrastructure Protection: Cybersecurity of the Nation's Electricity Grid Requires Continued Attention
GAO-16-174T: Published: Oct 21, 2015. Publicly Released: Oct 21, 2015.
GAO reported in 2011 that several entities—the North American Electric Reliability Corporation (NERC), the National Institute of Standards and Technology (NIST), the Federal Energy Regulatory Commission (FERC), the Department of Homeland Security (DHS), and the Department of Energy (DOE)—had taken steps to help secure the electric grid. These included developing cybersecurity standards and oth...
Maritime Critical Infrastructure Protection: DHS Needs to Enhance Efforts to Address Port Cybersecurity
GAO-16-116T: Published: Oct 8, 2015. Publicly Released: Oct 8, 2015.
Similar to other critical infrastructures, the nation's ports face an evolving array of cyber-based threats. These can come from insiders, criminals, terrorists, or other hostile sources and may employ a variety of techniques or exploits, such as denial-of-service attacks and malicious software. By exploiting vulnerabilities in information and communications technologies supporting port operations...
Surface Transportation Security: TSA Has Taken Steps Designed to Develop Processes for Sharing and Analyzing Information and to Improve Rail Security Incident Reporting
GAO-15-205T: Published: Sep 17, 2015. Publicly Released: Sep 17, 2015.
In June 2014, GAO found that the Transportation Security Administration (TSA) did not have a systematic process for incorporating stakeholder feedback to improve security-related information sharing and recommended that TSA systematically document and incorporate stakeholder feedback. TSA concurred with this recommendation and, in April 2015, TSA developed a standard operating procedure to help en...