Federal agencies (31 - 40 of 87 items)
IT Supply Chain: National Security-Related Agencies Need to Better Address Risks
GAO-12-361: Published: Mar 23, 2012. Publicly Released: Mar 23, 2012.
Reliance on a global supply chain introduces multiple risks to federal information systems. These risks include threats posed by actorssuch as foreign intelligence services or counterfeiterswho may exploit vulnerabilities in the supply chain and thus compromise the confidentiality, integrity, or availability of an end system and the information it contains. This in turn can adversely a...
Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use
GAO-12-92: Published: Dec 9, 2011. Publicly Released: Jan 9, 2012.
A wide variety of cybersecurity guidance is available from national and international organizations for entities within the seven critical infrastructure sectors GAO reviewed--banking and finance; communications; energy; health care and public health; information technology; nuclear reactors, material, and waste; and water. Much of this guidance is tailored to business needs of entities or provide...
Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination
GAO-12-8: Published: Nov 29, 2011. Publicly Released: Nov 29, 2011.
Threats to federal information technology (IT) infrastructure and systems continue to grow in number and sophistication. The ability to make federal IT infrastructure and systems secure depends on the knowledge, skills, and abilities of the federal and contractor workforce that implements and maintains these systems. In light of the importance of recruiting and retaining cybersecurity personnel, G...
Federal Bureau of Investigation: Actions Needed to Document Security Decisions and Address Issues with Condition of Headquarters Buildings
GAO-12-96: Published: Nov 8, 2011. Publicly Released: Nov 8, 2011.
Since September 11, 2001, the Federal Bureau of Investigation's (FBI) mission and workforce have expanded, and the FBI has outgrown its aging headquarters, the J. Edgar Hoover Building (Hoover Building). As a result, the FBI also operates in over 40 annexes, the majority located in the National Capital Region. In the explanatory statement accompanying the 2009 Omnibus Appropriations Act, GAO was d...
Information Security: Additional Guidance Needed to Address Cloud Computing Concerns
GAO-12-130T: Published: Oct 6, 2011. Publicly Released: Oct 6, 2011.
Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, has the potential to provide information technology services more quickly and at a lower cost, but also to introduce information security risks. Accordingly, GAO was asked to testify on the security implications of cloud computing. This t...
Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements
GAO-12-137: Published: Oct 3, 2011. Publicly Released: Oct 3, 2011.
For many years, GAO has reported that weaknesses in information security can lead to serious consequences--such as intrusions by malicious individuals, compromised networks, and the theft of sensitive information including personally identifiable information--and has identified information security as a governmentwide high-risk area. The Federal Information Security Management Act of 2002 (FISMA)...
Social Media: Federal Agencies Need Policies and Procedures for Managing and Protecting Information They Access and Disseminate
GAO-11-605: Published: Jun 28, 2011. Publicly Released: Jul 28, 2011.
Federal agencies increasingly use recently developed Internet technologies that allow individuals or groups to create, organize, comment on, and share online content. The use of these social media services-- including popular Web sites like Facebook, Twitter, and YouTube-- has been endorsed by President Obama and provides opportunities for agencies to more readily share information with and solici...
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems
GAO-11-463T: Published: Mar 16, 2011. Publicly Released: Mar 16, 2011.
Pervasive and sustained cyber attacks continue to pose a potentially devastating threat to the systems and operations of our nation's critical infrastructure and the federal government. In recent testimony, the Director of National Intelligence stated that there had been a dramatic increase in malicious cyber activity targeting U.S. computers and networks. In addition, recent reports of cyber atta...
Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk
GAO-11-43: Published: Nov 30, 2010. Publicly Released: Nov 30, 2010.
Over the past several years, federal agencies have rapidly adopted the use of wireless technologies for their information systems. In a 2005 report, GAO recommended that the Office of Management and Budget (OMB), in its role overseeing governmentwide information security, take several steps to help agencies better secure their wireless networks. GAO was asked to update its prior report by (1) iden...
Cyberspace: United States Faces Challenges in Addressing Global Cybersecurity and Governance
GAO-10-606: Published: Jul 2, 2010. Publicly Released: Aug 2, 2010.
Recent foreign-based intrusions on the computer systems of U.S. federal agencies and commercial companies highlight the vulnerabilities of the interconnected networks that comprise the Internet, as well as the need to adequately address the global security and governance of cyberspace. Federal law and policy give a number of federal entities responsibilities for representing U.S. cyberspace intere...