Published on Security Management (http://www.securitymanagement.com)
DHS Still Struggling with Cybersecurity
By Peter Piazza
September 2005



    
Print Edition Only: 
No
Beyond Print?: 
No
Weight: 
0
Issue: 
September  2005 [1]
Teaser: 
The Department of Homeland Security (DHS) has “a lot of work ahead” before it fully addresses its cybersecurity-related responsibilities, according to a recent report to Congress by the Government Accountability Office (GAO).


Author: 
Peter Piazza
The Department of Homeland Security (DHS) has “a lot of work ahead” before it fully addresses its cybersecurity-related responsibilities, according to a recent report to Congress by the Government Accountability Office (GAO).


The report highlights the problems that DHS faces in fulfilling its responsibilities in protecting the cyber elements of the national critical infrastructure. For example, it has not developed national threat and vulnerability assessments, and it is having continued “difficulties in developing partnerships” with other agencies, state and local governments, and the private sector.


Another weakness noted by the GAO auditors is that DHS has no “government/industry contingency recovery plans for cybersecurity, including a plan for recovering key Internet functions” in the event of a major disruption.


The GAO does note DHS’s qualified successes. For example, its National Cyber Security Division (NCSD) is “a national focal point for addressing cybersecurity issues” that has “taken steps to develop partnerships and information-sharing mechanisms” with groups such as ISACs. Unfortunately, sharing information with the private sector is hampered by a lack of security clearances by private-sector partners and by the fear of “what information DHS would share with other federal agencies.”


Even worse, some partners described the erosion of the sharing process. One ISAC official noted that when his organization contacted DHS about a rumor of a dirty bomb being used at a national event, “ISAC officials were told to obtain the information from the media.”


The report concludes by pointing out that many of the recommendations GAO has made before—such as developing a strategic analysis and warning capability—remain undone or incomplete. A DHS official who responded to the report did not concur with most of the GAO’s recommendations, stating that many initiatives to solve these problems are already underway.


Critical Infrastructure Protection: Department of Homeland Security Faces Challenges in Fulfilling Cybersecurity @ Responsibilities is at SM Online.


Related Resources: 

 
AttachmentSize 


 
gao05434_dhs0905.pdf [2]683.77 KB 





Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international 
 organization for security professionals, with more than 35,000 members worldwide.


 ASIS International, Inc.  Worldwide Headquarters USA,   1625 Prince Street, Alexandria, Virginia 22314-2818 
 703-519-6200 | fax 703-519-6299 | www.asisonline.org
 ASIS
 Copyright © 2008, Security Management








    

    
Source URL: http://www.securitymanagement.com/article/dhs-still-struggling-cybersecurity

    
Links:
[1] http://www.securitymanagement.com/magazine/2005/09

[2] http://www.securitymanagement.com/sites/securitymanagement.com/files/gao05434_dhs0905_1.pdf