Skip to main content

Critical Infrastructure Protection: DHS Needs to Better Address Its Cybersecurity Responsibilities

GAO-08-1157T Published: Sep 16, 2008. Publicly Released: Sep 16, 2008.
Jump To:
Skip to Highlights

Highlights

Recent cyber attacks demonstrate the potentially devastating impact these pose to our nation's computer systems and to the federal operations and critical infrastructures that they support. They also highlight that we need to be vigilant against individuals and groups with malicious intent, such as criminals, terrorists, and nation-states perpetuating these attacks. Federal law and policy established the Department of Homeland Security (DHS) as the focal point for coordinating cybersecurity, including making it responsible for protecting systems that support critical infrastructures, a practice commonly referred to as cyber critical infrastructure protection. Since 2005, GAO has reported on the responsibilities and progress DHS has made in its cybersecurity efforts. GAO was asked to summarize its key reports and their associated recommendations aimed at securing our nation's cyber critical infrastructure. To do so, GAO relied on previous reports, as well as two reports being released today, and analyzed information about the status of recommendations.

Full Report

Office of Public Affairs

Topics

Access controlClassified defense informationComputer incident response capabilityComputer securityConfidential communicationsContingency plansCritical infrastructureCritical infrastructure protectionCyber crimesCyber securityFederal agenciesForeign governmentsHomeland securityInformation accessInformation securityInformation technologyInteragency relationsLessons learnedPrivate sectorRisk assessmentRisk managementState governmentsStrategic planningProgram implementation