The General Accounting Office says the Department of Homeland Security has not completed its 13 assigned cybersecurity tasks.
While DHS has implemented numerous initiatives toward completing its tasks, none of them have been completed. The GAO outlined these shortcomings in a report to Congress called Critical Infrastructure Protection.
Some of the thirteen points include developing a national plan for critical infrastructure protection, improving information sharing with other public agencies as well as important private sector firms, and build partnerships throughout the public and private sector.
That last point has been a problem for DHS as it has attempted to bring the numerous agencies in its purview together for better communication. Some agencies have resisted change, and are mistrustful of fellow agencies. That lack of information sharing can be disastrous.
Other responsibilities aim at developing analysis techniques for cyber threats, identifying those threats, and providing and coordinating incident response. Developing those and other capabilities would also help lessen government dependence on private sector firms in the event of an electronic attack.
The CIA recently conducted a three-day electronic wargame called Silent Horizon. Though details about the simulation have been minimal, some sources did say the games were meant to simulate a worst-case cyber attack scenario.
It is also unknown if the CIA will share the results of Silent Horizon with DHS. Those results could serve to confirm GAO assertions on DHS preparedness.
The chilling conclusion of the GAO report notes the vulnerable points in US infrastructure, DHS’ role in securing them, and some suggestions toward making the nation more security.
Among the GAO recommendations will be for DHS to perform a national cyber threat assessment and to form recovery plans for key Internet functions.
David Utter is a staff writer for Murdok covering technology and business. Email him here.