All Topics » Information Security
Information Security (101 - 110 of 425 items)
Information Security: Agencies Need to Implement Federal Desktop Core Configuration Requirements
GAO-10-202: Published: Mar 12, 2010. Publicly Released: Apr 12, 2010.
The increase in security incidents and continuing weakness in security controls on information technology systems at federal agencies highlight the continuing need for improved information security. To standardize and strengthen agencies' security, the Office of Management and Budget (OMB), in collaboration with the National Institute of Standards and Technology (NIST), launched the Federal Deskto...
Information Security: Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies
GAO-10-237: Published: Mar 12, 2010. Publicly Released: Apr 12, 2010.
To reduce the threat to federal systems and operations posed by cyber attacks on the United States, the Office of Management and Budget (OMB) launched, in November 2007, the Trusted Internet Connections (TIC) initiative, and later, in 2008, the Department of Homeland Security's (DHS) National Cybersecurity Protection System (NCPS), operationally known as Einstein, became mandatory for federal agen...
Bureau of the Public Debt: Areas for Improvement in Information Security Controls
GAO-10-517R: Published: Mar 26, 2010. Publicly Released: Mar 26, 2010.
In connection with fulfilling our requirement to audit the financial statements of the U.S. government, we audited and reported on the Schedules of Federal Debt Managed by the Bureau of the Public Debt (BPD) for the fiscal years ended September 30, 2009 and 2008. As part of these audits, we performed a review of the general and application information security controls over key BPD financial syste...
Information Security: Concerted Response Needed to Resolve Persistent Weaknesses
GAO-10-536T: Published: Mar 24, 2010. Publicly Released: Mar 24, 2010.
Without proper safeguards, federal computer systems are vulnerable to intrusions by individuals who have malicious intentions and can obtain sensitive information. The need for a vigilant approach to information security has been demonstrated by the pervasive and sustained cyber attacks against the United States; these attacks continue to pose a potentially devastating impact to systems as well as...
Information Security: IRS Needs to Continue to Address Significant Weaknesses
GAO-10-355: Published: Mar 19, 2010. Publicly Released: Mar 19, 2010.
The Internal Revenue Service (IRS) relies extensively on computerized systems to carry out its demanding responsibilities to collect taxes, process tax returns, and enforce the nation's tax laws. Effective information security controls are essential to protect financial and taxpayer information from inadvertent or deliberate misuse, improper disclosure, or destruction. As part of its audit of IRS'...
Cybersecurity: Progress Made but Challenges Remain in Defining and Coordinating the Comprehensive National Initiative
GAO-10-338: Published: Mar 5, 2010. Publicly Released: Mar 5, 2010.
In response to the ongoing threats to federal systems and operations posed by cyber attacks, President Bush established the Comprehensive National Cybersecurity Initiative (CNCI) in 2008. This initiative consists of a set of projects aimed at reducing vulnerabilities, protecting against intrusions, and anticipating future threats. GAO was asked to determine (1) what actions have been taken to deve...
Managing Sensitive Information: Actions Needed to Prevent Unintended Public Disclosures of U.S. Nuclear Sites and Activities
GAO-10-251: Published: Dec 15, 2009. Publicly Released: Dec 23, 2009.
On May 7, 2009, the Government Printing Office (GPO) published a 266-page document on its Web site that provided detailed information on civilian nuclear sites, locations, facilities, and activities in the United States. At the request of the Speaker of the House, this report determines (1) which U.S. agencies were responsible for the public release of this information and why the disclosure occur...
Department of Veterans Affairs' Implementation of Information Security Education Assistance Program
GAO-10-170R: Published: Dec 18, 2009. Publicly Released: Dec 18, 2009.
The Veterans Benefits, Health Care, and Information Technology Act of 2006 authorizes the Secretary of Veterans Affairs to establish an educational assistance program for information security. The Information Security Education Assistance Program is envisioned as a means for the Department of Veterans Affairs (VA) to attract and retain individuals with advanced skills in information security. The...
Homeland Security: DHS's Progress and Challenges in Key Areas of Maritime, Aviation, and Cybersecurity
GAO-10-106: Published: Dec 2, 2009. Publicly Released: Dec 2, 2009.
Securing the nation's transportation and information systems is a primary responsibility of the Department of Homeland Security (DHS). Within DHS, the Transportation Security Administration (TSA) is responsible for securing all transportation modes; U.S. Customs and Border Protection (CBP) is responsible for cargo container security; the U.S. Coast Guard is responsible for protecting the maritime...
Cybersecurity: Continued Efforts Are Needed to Protect Information Systems from Evolving Threats
GAO-10-230T: Published: Nov 17, 2009. Publicly Released: Nov 17, 2009.
Pervasive and sustained cyber attacks continue to pose a potentially devastating threat to the systems and operations of the federal government. In recent months, federal officials have cited the continued efforts of foreign nations and criminals to target government and private sector networks; terrorist groups have expressed a desire to use cyber attacks to target the United States; and press ac...