Information technology (41 - 50 of 95 items) in Custom Date Range
Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed
GAO-11-24: Published: Oct 6, 2010. Publicly Released: Oct 6, 2010.
To address pervasive computer-based (cyber) attacks against the United States that posed potentially devastating impacts to systems and operations, the federal government has developed policies and strategies intended to combat these threats. A recent key development was in February 2009, when President Obama initiated a review of the government's overall strategy and supporting activities with th...
Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems
GAO-10-916: Published: Sep 15, 2010. Publicly Released: Sep 15, 2010.
Historically, civilian and national security-related information technology (IT) systems have been governed by different information security policies and guidance. Specifically, the Office of Management and Budget and the Department of Commerce's National Institute of Standards and Technology (NIST) established policies and guidance for civilian non-national security systems, while other organiza...
Cyberspace: United States Faces Challenges in Addressing Global Cybersecurity and Governance
GAO-10-606: Published: Jul 2, 2010. Publicly Released: Aug 2, 2010.
Recent foreign-based intrusions on the computer systems of U.S. federal agencies and commercial companies highlight the vulnerabilities of the interconnected networks that comprise the Internet, as well as the need to adequately address the global security and governance of cyberspace. Federal law and policy give a number of federal entities responsibilities for representing U.S. cyberspace intere...
Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development
GAO-10-466: Published: Jun 3, 2010. Publicly Released: Jul 6, 2010.
Computer networks and infrastructures, on which the United States and much of the world rely to communicate and conduct business, contain vulnerabilities that can leave them susceptible to unauthorized access, disruption, or attack. Investing in research and development (R&D) is essential to protect critical systems and to enhance the cybersecurity of both the government and the private sector. Fe...
Information Security: Governmentwide Guidance Needed to Assist Agencies in Implementing Cloud Computing
GAO-10-855T: Published: Jul 1, 2010. Publicly Released: Jul 1, 2010.
Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, reportedly has the potential to provide information technology services more quickly and at a lower cost, but also to introduce information security risks. Accordingly, GAO was asked to testify on the benefits and risks of moving federal...
Information Security: Federal Guidance Needed to Address Control Issues with Implementing Cloud Computing
GAO-10-513: Published: May 27, 2010. Publicly Released: Jul 1, 2010.
Cloud computing, an emerging form of computing where users have access to scalable, on-demand capabilities that are provided through Internet-based technologies, has the potential to provide information technology services more quickly and at a lower cost, but also to introduce information security risks. Accordingly, GAO was asked to (1) identify the models of cloud computing, (2) identify the in...
Information Security: Veterans Affairs Needs to Resolve Long-Standing Weaknesses
GAO-10-727T: Published: May 19, 2010. Publicly Released: May 19, 2010.
Since 1997, GAO has identified information security as a governmentwide high-risk issue. This has been particularly true at the Department of Veterans Affairs (VA), where the department has been challenged in protecting the availability, confidentiality, and integrity of its information and systems. Since the 1990s, GAO has highlighted the challenges the department has faced, including the need to...
Information Security: Agencies Need to Implement Federal Desktop Core Configuration Requirements
GAO-10-202: Published: Mar 12, 2010. Publicly Released: Apr 12, 2010.
The increase in security incidents and continuing weakness in security controls on information technology systems at federal agencies highlight the continuing need for improved information security. To standardize and strengthen agencies' security, the Office of Management and Budget (OMB), in collaboration with the National Institute of Standards and Technology (NIST), launched the Federal Deskto...
Information Security: Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies
GAO-10-237: Published: Mar 12, 2010. Publicly Released: Apr 12, 2010.
To reduce the threat to federal systems and operations posed by cyber attacks on the United States, the Office of Management and Budget (OMB) launched, in November 2007, the Trusted Internet Connections (TIC) initiative, and later, in 2008, the Department of Homeland Security's (DHS) National Cybersecurity Protection System (NCPS), operationally known as Einstein, became mandatory for federal agen...
Information Security: NASA Needs to Remedy Vulnerabilities in Key Networks
GAO-10-4: Published: Oct 15, 2009. Publicly Released: Oct 15, 2009.
The National Aeronautics and Space Administration (NASA) relies extensively on information systems and networks to pioneer space exploration, scientific discovery, and aeronautics research. Many of these systems and networks are interconnected through the Internet, and may be targeted by evolving and growing cyber threats from a variety of sources. GAO was directed to (1) determine whether NASA ha...