GAO: overarching cyber strategy needed
The Government Accountability Office is calling for the White House Cybersecurity Coordinator to develop an “overarching federal cybersecurity strategy” to provide a more effective framework for implementing cybersecurity activities.
In a new report studying the country’s cybersecurity efforts, the GAO said that more than a decade of cybersecurity strategy, mandates and orders, including the national cybersecurity strategy released in 2011, have still left a number of holes that were not addressed.
“The many continuing cybersecurity challenges faced by the government highlight the need for a clearly defined oversight process to ensure agencies are held accountable for implementing effective information security programs,” GAO said. “Further, until an overarching national cybersecurity strategy is developed that addresses all key elements of desirable characteristics, overall progress in achieving the government’s objectives is likely to remain limited.”
In its comments, the White Hosue agreed more needs to be done to develop a new comprehensive cybersecurity strategy, but did not believe producing another strategy document would be beneficial. The White House did agree Congress should consider enhanced cybersecurity legislation.
GAO held firm, saying it believes an overarching strategy document that includes milestones and performance measures, cost and resources, roles and responsibilities, and linkage with other key strategy documents would provide a more effective framework for implementing cybersecurity activities.