Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures

United States Government Publishing Office publisher pbl distributor dst United States Government Accountability Office author aut Government Organization text government publication eng GAOREPORTS Legislative Agency Publications gao legislative 2010-08-12 U.S. Government Printing Office 2003-04-08 monographic deposited born digital 75 p. GA 1.13:GAO-03-564T https://www.govinfo.gov/app/details/GAOREPORTS-GAO-03-564T P0b002ee1803a5705 f:d03564t DGPO 2010-08-12 2011-03-24 GAOREPORTS-GAO-03-564T machine generated eng fdlp REPORT GAOREPORTS-GAO-03-564T GAO-03-564T Computer crimes Computer security Information technology Internal controls National preparedness Information resources management Noncompliance Strategic planning Testimony A06617 Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures Protecting the computer systems that support federal agencies' operations and our nation's critical infrastructures--such as power distribution, telecommunications, water supply, and national defense--is a continuing concern. These concerns are well-founded for a number of reasons, including the dramatic increases in reported computer security incidents, the ease of obtaining and using hacking tools, the steady advance in the sophistication and effectiveness of attack technology, and the dire warnings of new and more destructive attacks. GAO first designated computer security as high risk in 1997, and in 2003 expanded this high-risk area to include protecting the systems that support our nation's critical infrastructures, referred to as cyber critical infrastructure protection or cyber CIP. GAO has made previous recommendations and periodically testified on federal information security weaknesses--including agencies' progress in implementing key legislative provisions on information security--and the challenges that the nation faces in protecting our nation's critical infrastructures. GAO was asked to provide an update on the status of federal information security and CIP. https://www.govinfo.gov/content/pkg/GAOREPORTS-GAO-03-564T/html/GAOREPORTS-GAO-03-564T.htm https://www.govinfo.gov/content/pkg/GAOREPORTS-GAO-03-564T/pdf/GAOREPORTS-GAO-03-564T.pdf GAO-03-564T https://www.govinfo.gov/app/details/GAOREPORTS-GAO-03-564T Testimony GAO-03-564T; Information Security: Progress Made, But Challenges Remain to Protect Federal Systems and the Nation's Critical Infrastructures; Computer crimes Computer security Information technology Internal controls National preparedness Information resources management Noncompliance Strategic planning United States Public Law 398 (106th Congress) Public Law 106-398 United States Public Law 56 (107th Congress) Public Law 107-56 United States Public Law 305 (107th Congress) Public Law 107-305 United States Public Law 347 (107th Congress) Public Law 107-347