The US Government Accountability Office (GAO) recently released highlights of their study on Cybersecurity. The report notes that key improvements are needed to strengthen the Nation's posture and criticizes the Department of Homeland Security (DHS) strongly for having "yet to fully satisfy its responsibilities designated by the national cybersecurity strategy." Here's a summary of the report:
Pervasive and sustained computerbased (cyber) attacks against federal and private-sector infrastructures pose a potentially devastating impact to systems and operations and the critical infrastructures that they support. To address these threats, President Bush issued a 2003 national strategy and related policy directives aimed at improving cybersecurity nationwide. Congress and the Executive Branch, including the new administration, have subsequently taken actions to examine the adequacy of the strategy and identify areas for improvement. Nevertheless, GAO has identified this area as high risk and has reported on needed improvements in implementing the national cybersecurity strategy.
The GAO made 30 recommendations in key cybersecurity areas, including bolstering cyber analysis and warning capabilities, completing actions identified during cyber exercises, improving cybersecurity of infrastructure control systems, strengthening DHS' ability to help recover from Internet disruptions and addressing cybercrime.
In addition to these areas identified as needing improvement, the GAO report identified 12 key strategy improvements:
The GAO says that the nation's federal and private-sector infrastructure systems remain at risk without these improvements. They suggest the new administration consider these improvements as part of the nation's cybersecurity strategy.
Via network world