GAO: Homeland Security Isn’t Protecting Internet - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:01 PM

GAO: Homeland Security Isn’t Protecting Internet

Some experts urge the government to plan better for recovering from a widespread attack on the nation’s computers.

The Department of Homeland Security has failed to fully address any of its 13 key cyber security responsibilities, a government investigator told the Senate in a hearing earlier this week.

The result, said Sen. Tom Coburn (R-Okla.), the chairman of the Subcommittee on Federal Financial Management, Government Information, and International Security, is that "vulnerabilities still exist today, only now they are less excusable.

"The government's plan to secure our vital infrastructures from a cyber threat remains vague…despite clear legislative and executive mandates," Coburn added.

Coburn's blast at the Department of Homeland Security (DHS) came as David Powner, a key official in the Government Accountability Office (GAO), the watchdog that has repeatedly criticized federal agencies' computer security, testified before the committee and released a 21-page report on the GAO's cyber-security findings.

DHS has no plans in place for recovering from a widespread attack, nor a national threat and vulnerability assessment program, said Powner. "[The department] has not developed and exercised government and government/industry contingency recovery plans, including a plan for recovering key Internet functions," he testified.

Other failures, Powner went on, include difficulties working and sharing information with other federal agencies, and with companies and researchers in the private sector; poor integration of cyber security with national security as a whole; and no idea of how to reduce vulnerabilities, since a comprehensive vulnerability assessment hasn't been completed.

While Homeland Security has made progress in many areas, Powner said, it's failed to master any of the 13 key responsibilities and "has much work ahead in order to be able to fully address them."

Until it does, the country faces "increased risk that large portions of our national infrastructure are unprepared to effectively address cyber emergencies," Powner concluded.

Senators used the report to hammer at the DHS slow cyber security progress. "America expects DHS to take every reasonable measure to protect us from terrorism," said Coburn. "I am not convinced that threshold has been met [here]."

The acting director of DHS's cyber security division, Andy Purdy, defended his agency's efforts before the Senate, but admitted it had a hard row to hoe.

"We believe [the GAO report] has provided a fair assessment of the progress to date and agree that while considerable work has been done, much work remains," Purdy said.

Purdy hoped that his successor would be able to speed up matters. Last week, DHS Secretary Michael Chertoff announced that the head of the country's cyber security would soon be a higher-level position with more authority. The new Assistant Secretary for Cyber and Telecommunications Security, however, has not yet been named.

"With the proposed appointment of a new Assistant Secretary, we are confident that we will accelerate our cyber security efforts," said Purdy.

We had better, said Sen. Coburn.

"The nature of terrorists is to attack private citizens as we recently saw in the horrific attack in the United Kingdom. There can be no excuse for not effectively engaging the private sector [on cyber security], even though it is hard. We ask no less of our food safety, airline security, and pharmaceutical industries," he said.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll