Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- Improving Healthcare Outcomes through IT Policy
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
GAO decries 'decentralized' DoD cyber efforts
Monday - 7/25/2011, 6:52pm EDT
Federal News Radio
The Defense Department unveiled its sweeping cybersecurity proposal a little more than a week ago. Now, a recently declassified Government Accountability Office report shows just how much the Pentagon is up against in its efforts to better coordinate its cyber capabilities.
The report, which was originally prepared in May 2010 and declassified today - thus pre-dating the most recent Pentagon plan - aimed to address how DoD is organized with regard to cybersecurity. The answer: not very.
DoD's organization to address cybersecurity threats is "decentralized and spread across various offices," GAO found, including the Office of the Secretary of Defense, the Joint Staff and the military.
And while there have been several attempts at publishing joint strategies for addressing cyberspace operations, GAO found that "the discussions are insufficient, and no single joint publication completely addresses cyberspace operations."
GAO also identified so-called cyber "capability gaps," which the watchdog agency said the Pentagon has not done enough to address.
DoD "has not completed a comprehensive, departmentwide assessment of needed resources, capability gaps and an implementation plan for addressing any gaps," GAO said.
On the other hand, the launch of U.S. Cyber Command last year was lauded by GAO as an example of the Pentagon taking "proactive measures" at integrating cyberspace operations. "However, it is too early to tell if these changes will help DoD better address cybersecurity threats," which emanate from hostile foreign powers, as well as hackers and terrorists, the agency said.
In its list of recommendations, GAO said DoD should set a timeframe to either complete a separate joint cyberspace publication or update the existing ones on the books. The Pentagon should also clarify "command and control relationships" regarding cyberspace, review its cyber capability gaps and develop a plan (including a funding strategy) to fill them.
DoD agreed with the recommendations.