12 Ways to Improve Federal Cybersecurity

GAO Solicits Experts' Views on Critical Aspects of Infosec Strategy
12 Ways to Improve Federal Cybersecurity
The Government Accountability Office earlier this year interviewed panels of cybersecurity experts that included former federal officials, academics and private-sector executives about the critical aspects of information security strategy for the federal government, and came up with one dozen key strategy improvements.

"Until they are addressed, our nation's most critical federal and private sector cyber infrastructure remain at unnecessary risk to attack from our adversaries," GAO said in a report released Tuesday that delineated the 12 strategy improvements.

Key Cybersecurity Strategy Improvements

  1. Develop a national strategy that clearly articulates strategic objectives, goals and priorities.

  2. Establish White House responsibility and accountability for leading and overseeing national cybersecurity policy.

  3. Establish a governance structure for strategy implementation.

  4. Publicize and raise awareness about the seriousness of the cybersecurity problem.

  5. Create an accountable, operational cybersecurity organization.

  6. Focus more actions on prioritizing assets, assessing vulnerabilities and reducing vulnerabilities than on developing additional plans.

  7. Bolster public-private partnerships through an improved value proposition and use of incentives.

  8. Focus greater attention on addressing the global aspects of cyberspace.

  9. Improve law enforcement efforts to address malicious activities in cyberspace.

  10. Place greater emphasis on cybersecurity research and development, including consideration of how to better coordinate government and private sector efforts.

  11. Increase the cadre of cybersecurity professionals.

  12. Make the federal government a model for cybersecurity, including using its acquisition function to enhance cybersecurity aspects of products and services.

The GAO report - written by Gregory Wilshusen, director of information security issues, and David A. Powner, director of IT management issues - was presented to the Senate Judiciary Committee's Subcommittee on Terrorism and Homeland Security, which held a hearing Tuesday on preventing terrorist attacks and protecting privacy in cyberspace.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.