Information Security: Technologies to Secure Federal Systems

Federal agencies rely extensively on computerized information systems and electronic data to carry out their missions. The security of these systems and date is essential to preventing data tampering, disruptions in critical operations, fraud, and inappropriate disclosure of sensitive information. Congress and the executive branch have taken actions to address this challenge, such as enacting and implementing the Federal Information Security Management Act (FISMA). FISMA and other federal guidance discuss the need for specific technical controls to secure information systems. In order to meet the requirements of FISMA to effectively implement these technical controls, it is critical that federal agencies consider whether they have adequately implemented available cybersecurity technologies. GAO was asked by the Chairman of the House Committee on Government Reform and its Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census to identify commercially available, state-of-the-practice cybersecurity technologies that federal agencies can use to defend their computer systems against cyber attacks.