Skip to main content

Cybersecurity: Kick-Starting the Office of the National Cyber Director

GAO-22-105502 Published: Sep 06, 2022. Publicly Released: Sep 06, 2022.
Jump To:

Fast Facts

The federal government needs to develop and implement a comprehensive strategy to overcome the cyber threats facing our nation. Cybersecurity has been on our High Risk list since 1997.

In 2021, Congress created the Office of the National Cyber Director to lead the nation's cybersecurity efforts.

Our overview looks at the Office's strategic statement, which summarizes its vision and path to improve the nation's cybersecurity. For example, the Office plans to coordinate the federal defense from and response to cyberattacks. The Office noted that it's currently developing its national strategy and getting feedback from other federal agencies.

Blue padlocks and binary code superimposed over the U.S. Capitol

Skip to Highlights


What GAO Found

In 2021, Congress established the Office of the National Cyber Director to lead the nation's cybersecurity effort. Since June 2021, the Director has outlined the strategic statement for the Office and has hired staff. As of August 2022, according to the Office, the development of a national cybersecurity strategy by the administration is well underway. The Office noted that it is obtaining feedback on the strategy from many other federal entities, including the National Security Council, on this effort. The federal government needs to fully develop and implement a comprehensive national strategy in order to have a clear roadmap for overcoming the cyber challenges facing our nation.

Why GAO Did This Study

Clearly defining a leadership role to coordinate the federal government's efforts to address the nation's cybersecurity threats and challenges is urgent and necessary. Accordingly, the Congress has designated a leadership position in the White House with the authority to implement and encourage action in support of the nation's cybersecurity. This product summarizes the Office's strategic statement and its intentions regarding a national cybersecurity strategy.

For more information, contact Kevin Walsh at (202) 512-6151 or

Full Report

GAO Contacts

Office of Public Affairs


CybersecurityCyberspaceCyberspace threatsDefense budgetsInformation technologyNational securityPrivate sectorHigh-risk listFederal agenciesInformation security