Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
GAO decries 'decentralized' DoD cyber efforts
Monday - 7/25/2011, 6:52pm EDT
Federal News Radio
The Defense Department unveiled its sweeping cybersecurity proposal a little more than a week ago. Now, a recently declassified Government Accountability Office report shows just how much the Pentagon is up against in its efforts to better coordinate its cyber capabilities.
The report, which was originally prepared in May 2010 and declassified today - thus pre-dating the most recent Pentagon plan - aimed to address how DoD is organized with regard to cybersecurity. The answer: not very.
DoD's organization to address cybersecurity threats is "decentralized and spread across various offices," GAO found, including the Office of the Secretary of Defense, the Joint Staff and the military.
And while there have been several attempts at publishing joint strategies for addressing cyberspace operations, GAO found that "the discussions are insufficient, and no single joint publication completely addresses cyberspace operations."
GAO also identified so-called cyber "capability gaps," which the watchdog agency said the Pentagon has not done enough to address.
DoD "has not completed a comprehensive, departmentwide assessment of needed resources, capability gaps and an implementation plan for addressing any gaps," GAO said.
On the other hand, the launch of U.S. Cyber Command last year was lauded by GAO as an example of the Pentagon taking "proactive measures" at integrating cyberspace operations. "However, it is too early to tell if these changes will help DoD better address cybersecurity threats," which emanate from hostile foreign powers, as well as hackers and terrorists, the agency said.
In its list of recommendations, GAO said DoD should set a timeframe to either complete a separate joint cyberspace publication or update the existing ones on the books. The Pentagon should also clarify "command and control relationships" regarding cyberspace, review its cyber capability gaps and develop a plan (including a funding strategy) to fill them.
DoD agreed with the recommendations.