Critical Infrastructure Protection:
Establishing Effective Information Sharing with Infrastructure Sectors
GAO-04-699T: Published: Apr 21, 2004. Publicly Released: Apr 21, 2004.
Additional Materials:
- Highlights Page:
- Full Report:
- Accessible Text:
Contact:
(202) 512-3317
contact@gao.gov
Office of Public Affairs
(202) 512-4800
youngc1@gao.gov
Critical infrastructure protection (CIP) activities that are called for in federal policy and law are intended to enhance the security of the cyber and physical public and private infrastructures that are essential to our nation's security, economic security, and public health and safety. As our reliance on these infrastructures increases, so do the potential threats and attacks that could disrupt critical systems and operations. Effective information-sharing partnerships between industry sectors and government can contribute to CIP efforts. Federal policy has encouraged the voluntary creation of Information Sharing and Analysis Centers (ISACs) to facilitate the private sector's participation in CIP by serving as mechanisms for gathering and analyzing information and sharing it among the infrastructure sectors and between the private sector and government. This testimony discusses the management and operational structures used by ISACs, federal efforts to interact with and support the ISACs, and challenges to and successful practices for ISACs' establishment, operation, and partnerships with the federal government.
Federal awareness of the importance of securing the nation's critical infrastructures--and the federal government's strategy to encourage cooperative efforts among state and local governments and the private sector to protect these infrastructures--have been evolving since the mid- 1990s. Federal policy continues to emphasize the importance of the ISACs and their information-sharing functions. In addition, federal policy established specific responsibilities for the Department of Homeland Security (DHS) and other federal agencies involved with the private sector in CIP. The ISACs themselves, although they have similar missions, were developed to serve the unique needs of the sectors they represent, and they operate under different business models and funding mechanisms. According to ISAC representatives and a council that represents many of them, a number of challenges to their successful establishment, operation, and partnership with DHS and other federal agencies remain. These challenges include increasing the percentage of entities within each sector that are members of its ISAC; building trusted relationships and processes to facilitate information sharing; overcoming barriers to information sharing, clarifying the roles and responsibilities of the various government and private sector entities that are involved in protecting critical infrastructures; and funding ISAC operations and activities. According to a DHS official, these issues are being considered, and the department is developing a plan that will document the current information-sharing relationships among DHS, the ISACs, and other agencies; goals for improving those information-sharing relationships; and methods for measuring progress toward these goals.
Feb 11, 2021
Freedom of Information Act:
Update on Federal Agencies' Use of Exemption StatutesGAO-21-148: Published: Jan 12, 2021. Publicly Released: Feb 11, 2021.
Oct 8, 2020
-
Open Data:
Agencies Need Guidance to Establish Comprehensive Data Inventories; Information on Their Progress is LimitedGAO-21-29: Published: Oct 8, 2020. Publicly Released: Oct 8, 2020.
Jul 16, 2020
-
Coast Guard:
Actions Needed to Ensure Investments in Key Data System Meet Mission and User NeedsGAO-20-562: Published: Jul 16, 2020. Publicly Released: Jul 16, 2020.
Mar 30, 2020
-
Information Management:
Selected Agencies Need to Fully Address Federal Electronic Recordkeeping RequirementsGAO-20-59: Published: Feb 27, 2020. Publicly Released: Mar 30, 2020.
Mar 16, 2020
-
Freedom of Information Act:
Federal Agencies' Recent Implementation EffortsGAO-20-406R: Published: Mar 11, 2020. Publicly Released: Mar 16, 2020.
Dec 16, 2019
-
Assessing Data Reliability (Supersedes GAO-09-680G)GAO-20-283G: Published: Dec 16, 2019. Publicly Released: Dec 16, 2019.
Oct 17, 2019
-
Freedom of Information Act:
DHS Needs to Reduce Backlogged Requests and Eliminate Duplicate ProcessingGAO-20-209T: Published: Oct 17, 2019. Publicly Released: Oct 17, 2019.
Aug 10, 2018
-
Paperwork Reduction Act:
Agencies Could Better Leverage Review Processes and Public Outreach to Improve Burden EstimatesGAO-18-381: Published: Jul 11, 2018. Publicly Released: Aug 10, 2018.
Jun 25, 2018
-
Freedom of Information Act:
Agencies Are Implementing Requirements but Additional Actions Are NeededGAO-18-365: Published: Jun 25, 2018. Publicly Released: Jun 25, 2018.
Mar 13, 2018
-
Freedom of Information Act:
Agencies Are Implementing Requirements but Need to Take Additional ActionsGAO-18-452T: Published: Mar 13, 2018. Publicly Released: Mar 13, 2018.
Looking for more? Browse all our products here
Explore our Key Issues on Information Management
Explore our other Key Issues here
