Homeland security (61 - 70 of 75 items)
Information Security: Challenges to Improving DOD's Incident Response Capabilities
GAO-01-341: Published: Mar 29, 2001. Publicly Released: Mar 30, 2001.
This report reviews the department of Defense's (DOD) implementation of computer incident response capabilities and identifies challenges to improving these. GAO found that during the last several years, DOD has taken several steps to build incident response capabilities and enhance computer defensive capabilities across the Department, including the creation of computer emergency response teams a...
Information Security: Progress and Challenges to an Effective Defense-wide Information Assurance Program
GAO-01-307: Published: Mar 30, 2001. Publicly Released: Mar 30, 2001.
The components, military services, and agencies of the Department of Defense (DOD) share many risks in their use of globally networked computer systems to perform operational missions. Many reports of vulnerabilities, organized intrusions, and theft related to department systems and networks have underscored weaknesses in DOD systems. In January 1998, DOD responded to these risks by announcing its...
Information Security: Advances and Remaining Challenges to Adoption of Public Key Infrastructure Technology
GAO-01-277: Published: Feb 26, 2001. Publicly Released: Feb 26, 2001.
The federal government must overcome several major challenges before public key infrastructure (PKI) technology can be widely and effectively used. These challenges include providing interoperability among agency PKIs, ensuring that PKI implementations can support a potential large scale of users, reducing the cost of building PKI systems, setting policies to maintain trust levels among agencies,...
FAA Computer Security: Recommendations to Address Continuing Weaknesses
GAO-01-171: Published: Dec 6, 2000. Publicly Released: Dec 6, 2000.
The Federal Aviation Administration's (FAA) agencywide computer security programs have serious, pervasive problems in the following key areas: personnel security, facility physical security, operational systems security, information systems security management, service continuity, and intrusion detection. Until FAA addresses the pervasive weaknesses in its computer security program, its critical i...
Information Security: Serious and Widespread Weaknesses Persist at Federal Agencies
AIMD-00-295: Published: Sep 6, 2000. Publicly Released: Sep 11, 2000.
Pursuant to a congressional request, GAO reviewed inspectors' general information security audit findings for 24 federal agencies, focusing on: (1) information security weaknesses identified in audit reports issued from July 1999 through August 2000 and GAO's findings with similar information that GAO reported in September 1998; (2) weaknesses and the related risks at selected individual agencies;...
Critical Infrastructure Protection: Comments on the Proposed Cyber Security Information Act of 2000
T-AIMD-00-229: Published: Jun 22, 2000. Publicly Released: Jun 22, 2000.
Pursuant to a congressional request, GAO discussed the proposed Cyber Security Information Act of 2000 (H.R. 4246), focusing on how it can enhance critical infrastructure protection and the formidable challenges involved with achieving the goals of the bill.GAO noted that: (1) by removing key barriers that are precluding private industry from sharing information about infrastructure threats and vu...
Critical Infrastructure Protection: National Plan for Information Systems Protection
AIMD-00-90R: Published: Feb 11, 2000. Publicly Released: Feb 11, 2000.
Pursuant to a congressional request, GAO assessed national security legal authorities related to infrastructure protection, focusing on the administration's National Plan for Information Systems Protection.GAO noted that: (1) the National Plan for Information Systems Protection is an important and positive step toward building the cyber-defense necessary to protect critical information assets and...
Critical Infrastructure Protection: Comments on the National Plan for Information Systems Protection
T-AIMD-00-72: Published: Feb 1, 2000. Publicly Released: Feb 1, 2000.
Pursuant to a congressional request, GAO discussed the National Plan for Information Systems Protection, focusing on: (1) a detailed overview of the plan; (2) opportunities for sharpening the plan's proposals for improving the federal government's security programs; and (3) the challenges facing the government in building the public-private partnerships necessary for comprehensive infrastructure p...
Critical Infrastructure Protection: Fundamental Improvements Needed to Assure Security of Federal Operations
T-AIMD-00-7: Published: Oct 6, 1999. Publicly Released: Oct 6, 1999.
Pursuant to a congressional request, GAO discussed the computer security aspects of critical infrastructure protection, focusing on federal agency performance in addressing computer security issues.GAO noted that: (1) reports issued by GAO and various Inspectors General over the last 5 years describe persistent computer security weaknesses that place federal operations at risk of disruption, fraud...
Critical Infrastructure Protection: Comprehensive Strategy Can Draw on Year 2000 Experiences
AIMD-00-1: Published: Oct 1, 1999. Publicly Released: Oct 5, 1999.
Pursuant to a congressional request, GAO provided information on efforts to protect the nation's critical infrastructures, focusing on: (1) GAO's recent findings on computer security and critical infrastructure protection; and (2) preliminary lessons learned from the year 2000 date conversion experience that can benefit critical infrastructure protection efforts.GAO noted that: (1) the nation's co...