Critical Infrastructure Protection: Further Efforts Needed to Integrate Planning for and Response to Disruptions on Converged Voice and Data Networks
Highlights
Technological advances have led to an increasing convergence of previously separate networks used to transmit voice and data communications. While the benefits of this convergence are enormous, such interconnectivity also poses significant challenges to our nation's ability to respond to major disruptions. Two operations centers--managed by the Department of Homeland Security's (DHS) National Communications System and National Cyber Security Division--plan for and monitor disruptions on voice and data networks. In September 2007, a DHS expert task force made three recommendations toward establishing an integrated operations center that the department agreed to adopt. To determine the status of efforts to establish an integrated center, GAO reviewed documentation, interviewed relevant DHS and private sector officials, and reviewed laws and policies to identify DHS's responsibilities in addressing convergence.
Recommendations
Recommendations for Executive Action
| Agency Affected | Recommendation | Status |
|---|---|---|
| Department of Homeland Security | The Secretary of Homeland Security should direct the Assistant Secretary for Cyber Security and Communications to establish milestones for completing the development and implementation of the strategic plan for the National Cyber Security Division and the National Communications System. |
Closed – Implemented
In lieu of completing and using the strategic plan to outline the department's overall direction for the activities of the National Communications System (NCS) and the National Cyber Security Division (NCSD), including plans to integrate these organizations' watch centers, DHS did so in the department's September 2010 National Cyber Incident Response Plan. Specifically, in the plan, DHS (1)provides the rationale and purpose for merging NCS's national coordination center and NCSD's readiness team to form the National Cybersecurity and Communications Integration Center (NCCIC) and (2) describes NCCIC's strategic approach, including specifying assigned organizational roles and responsibilities and actions planned and underway to prepare for, respond to, and coordinate recovery from a cyber incident.
|
| Department of Homeland Security | The Secretary of Homeland Security should direct the Assistant Secretary for Cyber Security and Communications to define specific tasks and associated milestones for establishing the integrated operations center through merging National Coordination Center Watch and U.S. Computer Emergency Readiness Team and inviting and engaging key private sector critical infrastructure officials from additional sectors to participate in the operations of the new integrated center. |
Closed – Implemented
In response, DHS merged the national coordination center and readiness team to form an entity called the National Cybersecurity and Communications Integration Center (NCCIC). The new center, which DHS stood up in October 2009, functions as a coordinated watch and warning center that serves to improve national efforts to address threats and incidents affecting the nation's critical information technology and cyber infrastructure. In doing this, NCCIC is to integrate information from all partners (e.g. public and private, state and federal) in both the cyber and communications arenas to create and share common knowledge and coordinate response activities. To accomplish this latter task, DHS has key private sector officials from various critical infrastructure sectors participate in center operations.
|