Strategic planning (1 - 10 of 28 items) in Custom Date Range
Information Security: Agencies Need to Improve Controls over Selected High-Impact Systems
GAO-16-501: Published: May 18, 2016. Publicly Released: Jun 21, 2016.
In GAO's survey of 24 federal agencies, the 18 agencies having high-impact systems identified cyber attacks from “nations” as the most serious and most frequently-occurring threat to the security of their systems. These agencies also noted that attacks delivered through e-mail were the most serious and frequent. During fiscal year 2014, 11 of the 18 agencies reported 2,267 incidents affecting...
Information Security: IRS Needs to Further Improve Controls over Taxpayer Data and Continue to Combat Identity Theft Refund Fraud
GAO-16-589T: Published: Apr 12, 2016. Publicly Released: Apr 12, 2016.
In March 2016, GAO reported that the Internal Revenue Service (IRS) had instituted numerous controls over key financial and tax processing systems; however, it had not always effectively implemented other controls intended to properly restrict access to systems and information, among other security measures. In particular, while IRS had improved some of its access controls, weaknesses remained in...
Information Security: DHS Needs to Enhance Capabilities, Improve Planning, and Support Greater Adoption of Its National Cybersecurity Protection System
GAO-16-294: Published: Jan 28, 2016. Publicly Released: Jan 28, 2016.
The Department of Homeland Security's (DHS) National Cybersecurity Protection System (NCPS) is partially, but not fully, meeting its stated system objectives:Intrusion detection: NCPS provides DHS with a limited ability to detect potentially malicious activity entering and exiting computer networks at federal agencies. Specifically, NCPS compares network traffic to known patterns of malicious data...
Federal Facility Cybersecurity: DHS and GSA Should Address Cyber Risk to Building and Access Control Systems
GAO-15-6: Published: Dec 12, 2014. Publicly Released: Jan 12, 2015.
The Department of Homeland Security (DHS) has taken preliminary steps to begin to understand the cyber risk to building and access controls systems in federal facilities. For example, in 2013, components of DHS's National Protection and Programs Directorate (NPPD) conducted a joint assessment of the physical security and cybersecurity of a federal facility. However, significant work remains.Lack o...
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure
GAO-11-865T: Published: Jul 26, 2011. Publicly Released: Jul 26, 2011.
Increasing computer interconnectivity, such as the growth of the Internet, has revolutionized the way our government, our nation, and much of the world communicate and conduct business. However, this widespread interconnectivity poses significant risks to the government's and the nation's computer systems, and to the critical infrastructures they support. These critical infrastructures include sys...
Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities
GAO-11-75: Published: Jul 25, 2011. Publicly Released: Jul 25, 2011.
According to the U.S. Strategic Command, the Department of Defense (DOD) is in the midst of a global cyberspace crisis as foreign nation states and other actors, such as hackers, criminals, terrorists, and activists exploit DOD and other U.S. government computer networks to further a variety of national, ideological, and personal objectives. This report identifies (1) how DOD is organized to addre...
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems
GAO-11-463T: Published: Mar 16, 2011. Publicly Released: Mar 16, 2011.
Pervasive and sustained cyber attacks continue to pose a potentially devastating threat to the systems and operations of our nation's critical infrastructure and the federal government. In recent testimony, the Director of National Intelligence stated that there had been a dramatic increase in malicious cyber activity targeting U.S. computers and networks. In addition, recent reports of cyber atta...
Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats
GAO-10-834T: Published: Jun 16, 2010. Publicly Released: Jun 16, 2010.
Pervasive and sustained cyber attacks continue to pose a potentially devastating threat to the systems and operations of the federal government. In recent testimony, the Director of National Intelligence highlighted that many nation states, terrorist networks, and organized criminal groups have the capability to target elements of the United States information infrastructure for intelligence colle...
Information Security: Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies
GAO-10-237: Published: Mar 12, 2010. Publicly Released: Apr 12, 2010.
To reduce the threat to federal systems and operations posed by cyber attacks on the United States, the Office of Management and Budget (OMB) launched, in November 2007, the Trusted Internet Connections (TIC) initiative, and later, in 2008, the Department of Homeland Security's (DHS) National Cybersecurity Protection System (NCPS), operationally known as Einstein, became mandatory for federal agen...
Homeland Security: DHS's Progress and Challenges in Key Areas of Maritime, Aviation, and Cybersecurity
GAO-10-106: Published: Dec 2, 2009. Publicly Released: Dec 2, 2009.
Securing the nation's transportation and information systems is a primary responsibility of the Department of Homeland Security (DHS). Within DHS, the Transportation Security Administration (TSA) is responsible for securing all transportation modes; U.S. Customs and Border Protection (CBP) is responsible for cargo container security; the U.S. Coast Guard is responsible for protecting the maritime...