Homeland security (11 - 20 of 21 items)
Critical Infrastructure Protection: Department of Homeland Security Faces Challenges in Fulfilling Cybersecurity Responsibilities
GAO-05-434: Published: May 26, 2005. Publicly Released: May 26, 2005.
Increasing computer interconnectivity has revolutionized the way that our government, our nation, and much of the world communicate and conduct business. While the benefits have been enormous, this widespread interconnectivity also poses significant risks to our nation's computer systems and, more importantly, to the critical operations and infrastructures they support. The Homeland Security Act o...
Technology Assessment: Cybersecurity for Critical Infrastructure Protection
GAO-04-321: Published: May 28, 2004. Publicly Released: May 28, 2004.
Computers are crucial to the operations of government and business. Computers and networks essentially run the critical infrastructures that are vital to our national defense, economic security, and public health and safety. Unfortunately, many computer systems and networks were not designed with security in mind. As a result, the core of our critical infrastructure is riddled with vulnerabilities...
Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems
GAO-04-628T: Published: Mar 30, 2004. Publicly Released: Mar 30, 2004.
Computerized control systems perform vital functions across many of our nation's critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and flow of gas through pipelines. In October 1997, the President's Commission on Critical Infrastructure Protection emphasized the increasing vulnerability of control systems to cyber attacks. At the request...
High-Risk Series: Protecting Information Systems Supporting the Federal Government and the Nation's Critical Infrastructures
GAO-03-121: Published: Jan 1, 2003. Publicly Released: Jan 1, 2003.
Since GAO designated computer security in the federal government as high risk in 1997, evidence of pervasive weaknesses has been continuing. Also, related risks have been escalating, in part because of the dramatic increases in computer interconnectivity and increasing dependence on computers to support critical operations and infrastructures, such as power distribution, water supply, national def...
Critical Infrastructure Protection: Federal Efforts Require a More Coordinated and Comprehensive Approach for Protecting Information Systems
GAO-02-474: Published: Jul 15, 2002. Publicly Released: Jul 15, 2002.
Critical infrastructure protection (CIP) involves activities that enhance the security of the nation's cyber and physical public and private infrastructures that are essential to national security, economic activity, and public health and safety. At least 50 federal organizations within 13 major departments and agencies mentioned in Presidential Decision Directive 63 are involved in CIP activities...
Information Security: Progress and Challenges to an Effective Defense-wide Information Assurance Program
GAO-01-307: Published: Mar 30, 2001. Publicly Released: Mar 30, 2001.
The components, military services, and agencies of the Department of Defense (DOD) share many risks in their use of globally networked computer systems to perform operational missions. Many reports of vulnerabilities, organized intrusions, and theft related to department systems and networks have underscored weaknesses in DOD systems. In January 1998, DOD responded to these risks by announcing its...
Information Security: Advances and Remaining Challenges to Adoption of Public Key Infrastructure Technology
GAO-01-277: Published: Feb 26, 2001. Publicly Released: Feb 26, 2001.
The federal government must overcome several major challenges before public key infrastructure (PKI) technology can be widely and effectively used. These challenges include providing interoperability among agency PKIs, ensuring that PKI implementations can support a potential large scale of users, reducing the cost of building PKI systems, setting policies to maintain trust levels among agencies,...
Critical Infrastructure Protection: National Plan for Information Systems Protection
AIMD-00-90R: Published: Feb 11, 2000. Publicly Released: Feb 11, 2000.
Pursuant to a congressional request, GAO assessed national security legal authorities related to infrastructure protection, focusing on the administration's National Plan for Information Systems Protection.GAO noted that: (1) the National Plan for Information Systems Protection is an important and positive step toward building the cyber-defense necessary to protect critical information assets and...
Critical Infrastructure Protection: Comments on the National Plan for Information Systems Protection
T-AIMD-00-72: Published: Feb 1, 2000. Publicly Released: Feb 1, 2000.
Pursuant to a congressional request, GAO discussed the National Plan for Information Systems Protection, focusing on: (1) a detailed overview of the plan; (2) opportunities for sharpening the plan's proposals for improving the federal government's security programs; and (3) the challenges facing the government in building the public-private partnerships necessary for comprehensive infrastructure p...
Critical Infrastructure Protection: Comprehensive Strategy Can Draw on Year 2000 Experiences
AIMD-00-1: Published: Oct 1, 1999. Publicly Released: Oct 5, 1999.
Pursuant to a congressional request, GAO provided information on efforts to protect the nation's critical infrastructures, focusing on: (1) GAO's recent findings on computer security and critical infrastructure protection; and (2) preliminary lessons learned from the year 2000 date conversion experience that can benefit critical infrastructure protection efforts.GAO noted that: (1) the nation's co...