Critical Infrastructure Protection: Observations on Key Factors in DHS's Implementation of Its Partnership Approach, Statement of Stephen L. Caldwell, Director Homeland Security and Justice and Gregory C. Wilshusen, Director Information Security Issues, Testimony Before the Committee on Homeland Security and Governmental Affairs, U.S. Senate [open pdf - 226KB]
"Federal efforts to protect the nation's critical infrastructure from cyber threats has been on GAO's [Government Accountability Office] list of high-risk areas since 2003. Critical infrastructure is assets and systems, whether physical or cyber, so vital to the United States that their destruction would have a debilitating impact on, among other things, national security and the economy. Recent cyber attacks highlight such threats. DHS, as the lead federal agency, developed a partnership approach with key industries to help protect critical infrastructure. This testimony identifies key factors important to DHS implementation of the partnership approach to protect critical infrastructure. This statement is based on products GAO issued from October 2001 to March 2014. To perform this work, GAO reviewed applicable laws, regulations, and directives as well as policies and procedures for selected programs. GAO interviewed DHS officials responsible for administering these programs and assessed related data. GAO also interviewed and surveyed a range of other stakeholders including federal officials, industry owners and operators, industry groups, and cybersecurity experts. […] GAO has made recommendations to DHS in prior reports to strengthen its partnership efforts. DHS generally agreed with these recommendations and reports actions or plans to address many of them. GAO will continue to monitor DHS efforts to address these recommendations."
Government Accountability Office: http://www.gao.gov/