Sunday, March 7, 2010

US agencies needs clear cybersecurity roles: GAO report

US government cybersecurity efforts are being hampered by a need to better define the roles of the agencies responsible for defending against cyber threats, a US Congressional watchdog said Friday.

The need for more clearly defined responsibilities for agencies tasked with defending against cyberattacks was one of a number of "challenges" to effective cybersecurity raised in the report by the Government Accountability Office.

The GAO report looked at the Comprehensive National Cybersecurity Initiative (CNCI), which was launched by former US president George W. Bush in 2008 to reduce vulnerabilities and protect federal systems against cyberattack.

In its report, the GAO cited "defining roles and responsibilities" as among the "challenges" to cybersecurity efforts.

"Federal agencies have overlapping and uncoordinated responsibilities for cybersecurity, and it is unclear where overall responsibility for coordination lies," the GAO said.

Other challenges raised by GAO were "coordinating actions with international entities" and "establishing an appropriate level of transparency."

"The federal government does not have a formal strategy for coordinating outreach to international partners for the purposes of standards setting, law enforcement, and information sharing," the GAO said.

"Few of the elements of CNCI have been made public, and the rationale for classifying related information remains unclear, hindering coordination with private sector entities and accountability to the public," the GAO said.

"Until these challenges are adequately addressed, there is a risk that CNCI will not fully achieve its goal to reduce vulnerabilities, protect against intrusions, and anticipate future threats against federal executive branch information systems," it said. AFP

No comments:

Post a Comment