Since 1998, the federal government has taken steps to protect the nation's critical infrastructures, including developing partnerships between the public and private sectors. These cyber and physical public and private infrastructures, which include the financial services sector, are essential to national security, economic security, and/or public health and safety. GAO was asked to review (1) the general nature of the cyber threats faced by the financial services industry; (2) steps the financial services industry has taken to share information on and to address threats, vulnerabilities, and incidents; (3) the relationship between government and private sector efforts to protect the financial services industry's critical infrastructures; and (4) actions financial regulators have taken to address these cyber threats.
Recommendations for Executive Action
|Department of the Treasury||To improve the likelihood of success of the financial services sector's Critical Infrastructure Protection efforts, the Secretary of the Treasury should direct the Assistant Secretary for Financial Institutions, the banking and finance sector liaison, to coordinate with the industry in its efforts to update the sector's National Strategy for Critical Infrastructure Assurance and in establishing interim objectives, detailed tasks, timeframes, and responsibilities for implementing it and a process for monitoring progress. As part of these efforts, the Assistant Secretary should assess the need for grants, tax incentives, regulation, or other public policy tools to assist the industry in meeting its goals.|