Critical Infrastructure Protection:
Establishing Effective Information Sharing with Infrastructure Sectors
GAO-04-699T: Published: Apr 21, 2004. Publicly Released: Apr 21, 2004.
Additional Materials:
- Highlights Page:
- Full Report:
- Accessible Text:
Contact:
(202) 512-3317
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
Critical infrastructure protection (CIP) activities that are called for in federal policy and law are intended to enhance the security of the cyber and physical public and private infrastructures that are essential to our nation's security, economic security, and public health and safety. As our reliance on these infrastructures increases, so do the potential threats and attacks that could disrupt critical systems and operations. Effective information-sharing partnerships between industry sectors and government can contribute to CIP efforts. Federal policy has encouraged the voluntary creation of Information Sharing and Analysis Centers (ISACs) to facilitate the private sector's participation in CIP by serving as mechanisms for gathering and analyzing information and sharing it among the infrastructure sectors and between the private sector and government. This testimony discusses the management and operational structures used by ISACs, federal efforts to interact with and support the ISACs, and challenges to and successful practices for ISACs' establishment, operation, and partnerships with the federal government.
Federal awareness of the importance of securing the nation's critical infrastructures--and the federal government's strategy to encourage cooperative efforts among state and local governments and the private sector to protect these infrastructures--have been evolving since the mid- 1990s. Federal policy continues to emphasize the importance of the ISACs and their information-sharing functions. In addition, federal policy established specific responsibilities for the Department of Homeland Security (DHS) and other federal agencies involved with the private sector in CIP. The ISACs themselves, although they have similar missions, were developed to serve the unique needs of the sectors they represent, and they operate under different business models and funding mechanisms. According to ISAC representatives and a council that represents many of them, a number of challenges to their successful establishment, operation, and partnership with DHS and other federal agencies remain. These challenges include increasing the percentage of entities within each sector that are members of its ISAC; building trusted relationships and processes to facilitate information sharing; overcoming barriers to information sharing, clarifying the roles and responsibilities of the various government and private sector entities that are involved in protecting critical infrastructures; and funding ISAC operations and activities. According to a DHS official, these issues are being considered, and the department is developing a plan that will document the current information-sharing relationships among DHS, the ISACs, and other agencies; goals for improving those information-sharing relationships; and methods for measuring progress toward these goals.
Mar 13, 2018
Freedom of Information Act:
Agencies Are Implementing Requirements but Need to Take Additional ActionsGAO-18-452T: Published: Mar 13, 2018. Publicly Released: Mar 13, 2018.-
Freedom of Information Act:
Federal Court Decisions Have Not Required the Office of Special Counsel to Initiate Disciplinary Actions for the Improper Withholding of RecordsGAO-18-235R: Published: Mar 13, 2018. Publicly Released: Mar 13, 2018.
Jul 27, 2017
-
Social Security Numbers:
OMB Actions Needed to Strengthen Federal Efforts to Limit Identity Theft Risks by Reducing Collection, Use, and DisplayGAO-17-553: Published: Jul 25, 2017. Publicly Released: Jul 27, 2017.
Dec 8, 2016
-
DATA Act:
Implementation Progresses but Challenges RemainGAO-17-282T: Published: Dec 8, 2016. Publicly Released: Dec 8, 2016. -
Data Act:
OMB and Treasury Have Issued Additional Guidance and Have Improved Pilot Design but Implementation Challenges RemainGAO-17-156: Published: Dec 8, 2016. Publicly Released: Dec 8, 2016.
Nov 16, 2016
-
Decennial Census:
Progress Report on Preparations for 2020GAO-17-238T: Published: Nov 16, 2016. Publicly Released: Nov 16, 2016.
Oct 7, 2016
-
Federal Human Resources Data:
OPM Should Improve the Availability and Reliability of Payroll Data to Support Accountability and Workforce AnalyticsGAO-17-127: Published: Oct 7, 2016. Publicly Released: Oct 7, 2016.
Sep 20, 2016
-
Highlights of a Forum:
Data and Analytics Innovation: Emerging Opportunities and ChallengesGAO-16-659SP: Published: Sep 20, 2016. Publicly Released: Sep 20, 2016.
Sep 16, 2016
-
VA IT Management:
Organization Is Largely Centralized; Additional Actions Could Improve Human Capital Practices and Systems Development ProcessesGAO-16-403: Published: Aug 17, 2016. Publicly Released: Sep 16, 2016.
Sep 8, 2016
-
Freedom of Information Act:
Litigation Costs For Justice and Agencies Could Not Be Fully DeterminedGAO-16-667: Published: Sep 8, 2016. Publicly Released: Sep 8, 2016.
Looking for more? Browse all our products here
Explore our Key Issues on Information Management
- Best Practices and Leading Practices in Information Technology Management
- 2020 Census - High Risk Issue
- DOD Business Systems Modernization - High Risk Issue
- Ensuring the Security of Federal Information Systems and Cyber Critical Infrastructure and Protecting the Privacy of Personally Identifiable Information - High Risk Issue
- IT Acquisitions and Operations - High Risk Issue
Explore our other Key Issues here
