Privacy & Civil Liberties LogoPrivacy & Civil Liberties

Cybersecurity
in Government Accountability Office Reports

Cybersecurity: A Better Defined and Implemented National Strategy Is Needed to Address Persistent Challenges (GAO-13-462T, March 2013) (36pp | 833kb | PDF) — “The federal cybersecurity strategy has evolved over the past decade, with the issuance of several strategy documents and other initiatives that address aspects of these challenge areas. However, there is no overarching national cybersecurity strategy that synthesizes these documents or comprehensively describes the current strategy. In addition, the government’s existing strategy documents do not always incorporate key desirable characteristics GAO has identified that can enhance the usefulness of national strategies... In its report, GAO recommended that an integrated national strategy be developed that includes milestones and performance measures; costs and resources; and a clear definition of roles and responsibilities. It also stated that Congress should consider clarifying federal cybersecurity oversight roles through legislation.”

Cybersecurity: Threats Impacting the Nation (GAO-12-666T, April 2012) (20pp | 353kb | PDF) — “The threat posed by cyber attacks is heightened by vulnerabilities in federal systems and systems supporting critical infrastructure. Specifically, significant weaknesses in information security controls continue to threaten the confidentiality, integrity, and availability of critical information and information systems supporting the operations, assets, and personnel of federal government agencies... Reported attacks and unintentional incidents involving federal, private, and infrastructure systems demonstrate that the impact of a serious attack could be significant, including loss of personal or sensitive information, disruption or destruction of critical infrastructure, and damage to national and economic security.”