The decade-old federal government cybersecurity strategy continues to face persistent challenges to effectively secure the nation’s online infrastructure, according to recent congressional testimony from the Government Accountability Office.
“Shortcomings persist in assessing risks, developing and implementing security programs, and monitoring results at federal agencies,” the GAO contends. “This is due in part to the fact that agencies have not fully implemented information security programs, resulting in reduced assurance that controls are in place and operating as intended to protect their information resources.”
Other major problems include lack of cybersecurity guidance for federal agencies, variances in the degree to which agencies must comply with specific cybersecurity regulations, the lack of a centralized information sharing system, and failure of the Department of Homeland Security to fully develop predictive analysis of cyber threats.
Consequently, there remains no coherent and comprehensive national strategy, and little coordination among federal agencies. “The federal cybersecurity strategy has evolved over the past decade with the issuance of several strategy documents and other initiatives that address aspects of these challenge areas,” according to the GAO testimony. “However, there is no overarching national cybersecurity strategy that synthesizes these documents or comprehensively describes the current strategy. In addition, the government’s existing strategy documents do not always incorporate key desirable characteristics GAO has identified that can enhance the usefulness of national strategies.”
The testimony is available here.
Register or login for access to this item and much more
All Health Data Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access