Cybersecurity: Recent Data Breaches Illustrate Need for Strong Controls Across Federal Agencies, Statement of Gregory C. Wilshusen, Director, Information Security Issues, Testimony Before the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, Committee on Homeland Security, House of Representatives   [open pdf - 234KB]

"Effective cybersecurity for federal information systems is essential to preventing the loss of resources, the compromise of sensitive information, and the disruption of government operations. Federal information and systems face an evolving array of cyber-based threats, and recent data breaches at federal agencies highlight the impact that can result from ineffective security controls. Since 1997, GAO [Government Accountability Office] has designated federal information security as a government-wide high-risk area, and in 2003 expanded this area to include computerized systems supporting the nation's critical infrastructure. This year, in GAO's high-risk update, the area was further expanded to include protecting the privacy of personal information that is collected, maintained, and shared by both federal and nonfederal entities. This statement summarizes (1) challenges facing federal agencies in securing their systems and information and (2) government-wide initiatives, including those led by DHS, aimed at improving cybersecurity. In preparing this statement, GAO relied on its previously published and ongoing work in this area. In previous work, GAO and agency inspectors general have made hundreds of recommendations to assist agencies in addressing cybersecurity challenges. GAO has also made recommendations to improve government-wide initiatives."

Report Number:
Public Domain
Retrieved From:
Via E-mail
Media Type:
Help with citations