Commerce (1 - 10 of 12 items)
Maritime Critical Infrastructure Protection: DHS Needs to Better Address Port Cybersecurity
GAO-14-459: Published: Jun 5, 2014. Publicly Released: Jun 5, 2014.
Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited.While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific po...
Critical Infrastructure Protection: More Comprehensive Planning Would Enhance the Cybersecurity of Public Safety Entities' Emerging Technology
GAO-14-125: Published: Jan 28, 2014. Publicly Released: Jan 28, 2014.
The five identified federal agencies (Departments of Homeland Security, Commerce, Justice, and Transportation and Federal Communications Commission (FCC)) have to varying degrees, coordinated cybersecurity-related activities with state and local governments. These activities included (1) supporting critical infrastructure protection-related planning, (2) issuing grants, (3) sharing information, (4...
Information Security: Environmental Protection Agency Needs to Resolve Weaknesses
GAO-12-696: Published: Jul 19, 2012. Publicly Released: Aug 20, 2012.
Although the Environmental Protection Agency (EPA) has taken steps to safeguard the information and systems that support its mission, security control weaknesses pervaded its systems and networks, thereby jeopardizing the agencys ability to sufficiently protect the confidentiality, integrity, and availability of its information and systems. The agency did not fully implement access controls,...
IT Supply Chain: National Security-Related Agencies Need to Better Address Risks
GAO-12-361: Published: Mar 23, 2012. Publicly Released: Mar 23, 2012.
Reliance on a global supply chain introduces multiple risks to federal information systems. These risks include threats posed by actorssuch as foreign intelligence services or counterfeiterswho may exploit vulnerabilities in the supply chain and thus compromise the confidentiality, integrity, or availability of an end system and the information it contains. This in turn can adversely a...
Federal Bureau of Investigation: Actions Needed to Document Security Decisions and Address Issues with Condition of Headquarters Buildings
GAO-12-96: Published: Nov 8, 2011. Publicly Released: Nov 8, 2011.
Since September 11, 2001, the Federal Bureau of Investigation's (FBI) mission and workforce have expanded, and the FBI has outgrown its aging headquarters, the J. Edgar Hoover Building (Hoover Building). As a result, the FBI also operates in over 40 annexes, the majority located in the National Capital Region. In the explanatory statement accompanying the 2009 Omnibus Appropriations Act, GAO was d...
Managing Sensitive Information: Actions Needed to Prevent Unintended Public Disclosures of U.S. Nuclear Sites and Activities
GAO-10-251: Published: Dec 15, 2009. Publicly Released: Dec 23, 2009.
On May 7, 2009, the Government Printing Office (GPO) published a 266-page document on its Web site that provided detailed information on civilian nuclear sites, locations, facilities, and activities in the United States. At the request of the Speaker of the House, this report determines (1) which U.S. agencies were responsible for the public release of this information and why the disclosure occur...
Financial Market Preparedness: Improvements Made, but More Action Needed to Prepare for Wide-Scale Disasters
GAO-04-984: Published: Sep 27, 2004. Publicly Released: Oct 27, 2004.
In February 2003 reports, GAO identified actions needed to better prepare critical financial market participants for wide-scale disasters, such as terrorist attacks. To determine progress made since then, GAO assessed (1) actions that critical securities market organizations took to improve their ability to prevent and recover from disruptions, (2) actions that financial market and telecommunicati...
Information Security: Progress and Challenges to an Effective Defense-wide Information Assurance Program
GAO-01-307: Published: Mar 30, 2001. Publicly Released: Mar 30, 2001.
The components, military services, and agencies of the Department of Defense (DOD) share many risks in their use of globally networked computer systems to perform operational missions. Many reports of vulnerabilities, organized intrusions, and theft related to department systems and networks have underscored weaknesses in DOD systems. In January 1998, DOD responded to these risks by announcing its...
Information Security: IRS Electronic Filing Systems
GAO-01-306: Published: Feb 16, 2001. Publicly Released: Mar 15, 2001.
A number of serious control weaknesses in the Internal Revenue Service's (IRS) electronic filing systems placed personal taxpayer data in IRS' electronic filing system at significant risk of unauthorized disclosure, use, and modification during the 2000 tax filing season. IRS recognized the importance of promptly addressing these weaknesses and stated that it has taken steps to correct them prior...
Information Security: Weak Controls Place DC Highway Trust Fund and Other Data at Risk
GAO-01-155: Published: Jan 31, 2001. Publicly Released: Jan 31, 2001.
GAO reviewed information system general controls over the financial systems that process and account for the financial activities of the District of Columbia's Highway Trust Fund. GAO identified serious computer security weaknesses that place District information at risk of deliberate or inadvertent misuse. These general control problems affected the District's ability to (1) prevent or detect una...