"The harmonization effort has the potential to reduce duplication of effort and allow more effective implementation of information security controls across interconnected systems," says GAO's Gregory Wilshusen.
The tediousness of complying with the rules to secure federal government information systems are laid out in the latest inspector general's audit of the Department of Homeland Security.
Sensitive information maintained by three federal departments - Defense, Homeland Security and Health and Human Services - isn't fully safeguarded from the inquisitive eyes of government contractors, putting the data at risk of unauthorized disclosure or misuse.
A new report from the Government Accountability Office serves as a reminder that the physical cannot be safeguarded effectively without help from the virtual.
"There is a risk that owners of critical infrastructure will not have the information necessary to thwart cyber attacks that could have catastrophic effects on our nation's cyber-reliant critical infrastructure," GAO David Powner says.
"Without top-level leadership, the federal government has not forged a coherent and comprehensive strategy for cyberspace security and governance policy," GAO's David Powner says in a letter to lawmakers.
"Our efforts to gain access to information are hampered because the Bureau of Consular Affairs is not considered a law enforcement entity for information sharing purposes," Deputy Assistant Secretary of State Brenda Sprague says.
The Government Accountability Office is taking the White House to task for not demonstrating sufficient leadership in shepherding cybersecurity research and development.
"The cloud is not such a special technology necessarily that it is exempt from a security perspective, but is just another implementation of IT, and is a natural evolution of where we come from," Federal CIO Vivek Kundra says.
The Federal Aviation Administration is inadequately securing medical and personal information on the more than 3 million airmen who it certifies as being fit to operate an aircraft, according to a new report.
"It is essential that U.S.-CERT and the public and private sectors share cybersecurity information to ensure that appropriate steps can be taken to mitigate the potential effect of a cyber incident," Homeland Security Inspector General Robert Skinner says.
"Without this authority, U.S.-CERT is limited in its ability to mitigate effectively ever evolving security threats and vulnerabilities," writes DHS Inspector General Richard Skinner in this article adapted from his House testimony.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.