Critical Infrastructure Protection:
Challenges to Building a Comprehensive Strategy for Information Sharing and Coordination
T-AIMD-00-268, Jul 26, 2000
Pursuant to a congressional request, GAO discussed the challenges of developing effective information sharing and coordination strategies needed to deal with computer security threats.
GAO noted that: (1) developing the information sharing and coordination capabilities needed to effectively deal with computer threats and actual incidents is complex and challenging but essential; (2) data on possible threats--ranging from viruses, to hoaxes, to random threats, to news events, and computer intrusions--must be continually collected and analyzed from a wide spectrum of globally distributed sources; (3) once an imminent threat is identified, appropriate warnings and response actions must be effectively coordinated among government agencies, the private sector, and, when appropriate, other nations; (4) it is important that this function be carried out as effectively, efficiently, and quickly as possible in order to ensure continuity of operations as well as minimize disruptions; (5) at the same time, it is not possible to build an overall, comprehensive picture of activity on the global infrastructure; (6) networks themselves are too big, they are growing too quickly, and they are continually being reconfigured and reengineered; (7) as a result, it is essential that strong partnerships be developed between a wide range of stakeholders in order to ensure that the right data are at the right place at the right time; (8) creating partnerships for information sharing and coordination is a formidable task; (9) trust needs to be established among a broad range of parties with varying interests and expectations, procedures for gathering and sharing information need to be developed, and technical issues need to be addressed; (10) if the federal government itself is going to be a credible player in response coordination, it needs to have its own systems and assets well protected; (11) this means overcoming significant and pervasive security weaknesses at each of the major federal agencies and instituting governmentwide controls and mechanisms needed to provide effective oversight, guidance, and leadership; and (12) perhaps most importantly, this activity needs to be guided by a comprehensive strategy to ensure that it is effective, to avoid unnecessary duplication of effort, and to maintain continuity.