WASHINGTON, August 3, 2010 – Federal agencies have not provided top-level leadership for the United States on cybersecurity issues, according to a new report by the Government Accountability Office (pdf).
While cybersecurity efforts have been sustained at a high level within the departments of Commerce, Homeland Security, Justice and State, top-level leadership is lacking, says the report. Additionally, the United States possesses no “clear vision” of how cybersecurity impacts national goals. Rather, the nation has engaged in an ad hoc selection of cybersecurity measures.
In assessing the United States’ cybersecurity infrastructure and a potential future for it, the report makes several recommendations for how the United States ought to prosecute a strategy to combat cyberattacks. It should:
- Provide “top-level leadership” on these issues;
- Develop a “coherent and comprehensive strategy” for dealing with these issues;
- Coordinate across all relevant federal entities;
- Ensure cyberspace-related technical standards and policies do not pose unnecessary barriers to U.S. trade;
- Participate in international cyber incident response;
- Recognize the “differing legal systems” by which these cybercrimes are prosecuted; and
- Define international norms for cyberspace.
The GAO finds fault with the federal government’s response on almost all of these fronts, though it pays special attention to the government’s failures on the first three recommendations. In regard to the first one, the GAO criticizes federal agencies for an overly technical view of the bureaucratic balance of power.
“Although the Department of State is charged with leading other federal agencies in establishing global networks to share threat information, department officials stated that only the president or an executive entity such as the [National Security Council] possesses the necessary authority to direct agencies such as DHS to participate,” wrote the report’s authors.
With respect to the second recommendation, on a coherent and comprehensive strategy, the report claims that, while the United States has drafted several documents outlining strategies for combating cybercrime, “none of the documents, taken individually or collectively, provide a comprehensive strategy.”
For example, while the 2003 National Strategy to Secure Cyberspace states that the State Department will lead other federal agencies, the strategy does not articulate either specific supporting activities or time frames in which to accomplish this or other objectives.
The report notes that federal officials have claimed to be developing such a strategy pursuant to the president’s Cyberspace Policy Review. However, the authors write, “we have not seen any evidence of such activities and, thus, were unable to determine what progress, if any, has been made towards accomplishing this goal.”
Finally, with respect to the third goal, dealing with coordination of relevant federal entities, the report is unequivocally damning.
“Federal agencies have not demonstrated an ability to coordinate their activities and project clear policies on a consistent basis,” the report says. “Unless federal agencies institutionalize a coordination mechanism that engages all key federal entities, it is less likely that federal agencies will be aware of each other’s efforts, or that their efforts, taken together, will support U.S. national interests in a coherent or consistent fashion.”
In envisioning a potential future path, the report concludes, “The rapid integration of information and communication technologies into virtually every aspect of modern life and the increase in associated threats have outpaced efforts by the United States and the international community…Until these challenges are addressed, the United States will be at a disadvantage in promoting its national interests in the realm of cyberspace.”
- Africa’s Informal Sector Marred by Small Manufacturing Base and Low Technology Adoption, Brookings Experts Say
- Wireless Internet Providers Excited About Multiple Spectrum Sharing Opportunities, Including FCC Priority Access
- FCC Commissioner Geoffrey Starks Gives the Broadband Scoreboard at SHLB: FCC Maps-0, Libraries-1
- Senate Appropriations Subcommittee Tackles Question of Public Versus Private Auction of C-Band Spectrum
- FCC Commissioner Brendan Carr Touts Work on Enhancing Telehealth and Flexible Spectrum
Signup for Broadband Breakfast
Broadband Data4 months ago
California Report: Income Most Significant Factor in Low Broadband Adoption
Broadband Data5 months ago
Pennsylvania Broadband Speeds Worse Than Previously Believed, According to State Report
Intellectual Property3 months ago
In Congressional Oversight Hearing, Register of Copyrights Says Office Is Responding to Online Users
Privacy and Security1 month ago
Comparing Privacy Policies for Wearable Fitness Trackers: Apple, Fitbit, Xiaomi and Under Armour
Antitrust1 month ago
Addressing the Impact of Big Data Upon Antitrust is More Complicated Than a Big Tech Breakup
Expert Opinion3 months ago
Geoff Mulligan: A ‘Dumb’ Way to Build Smart Cities
Antitrust1 month ago
Broadband Roundup: Everyone (Almost) Gangs Up on Google, Muni Broadband Fact Sheet, SHLB Anchornet Conference
Broadband Roundup2 months ago
Cable Industry Touts Energy Efficiency, Next Century Highlights Open Access Fiber, Aspen Forum Set