Wednesday, September 17, 2008

GAO: U.S. Cyber Security Is Weak

A BusinessWeek article by Keith Epstein, via, reports that:

The federal government cybersecurity team with primary responsibility for protecting the computer networks of government and private enterprise isn't up to the job, according to a draft Government Accountability Office report obtained by BusinessWeek.

The U.S. Computer Emergency Readiness Team, known as US-CERT, mans the front line in any cyber-attack. The group monitors computer networks for hacker threats, investigates suspicious activity online, and is supposed to issue timely alerts to information technology security professionals from the White House to corporations and electric utilities. But the GAO draft report describes US-CERT as bedeviled by frequent management turnover, bureaucratic challenges that prevent timely sounding of alarms, a lack of access to networks across wide swaths of critical terrain, and an inability to fill large numbers of positions with qualified workers.

Five years after the Homeland Security Dept. took charge of the team as a critical safeguard against threats to national security, US-CERT "still does not exhibit aspects of the attributes essential to having a truly national capability," according to the draft report.

More here.


Post a Comment

<< Home