Information Security: Cyber Threats and Data Breaches Illustrate Need for Stronger Controls across Federal Agencies, Statement of Gregory C. Wilshusen, Director, Information Security Issues, Testimony before the Subcommittees on Research and Technology and Oversight, Committee on Science, Space, and Technology, House of Representatives [open pdf - 460KB]
"Effective cybersecurity for federal information systems is essential to preventing the loss of resources, the compromise of sensitive information, and the disruption of government operations. Since 1997, GAO [Government Accountability Office] has designated federal information security as a government-wide high-risk area, and in 2003 expanded this area to include computerized systems supporting the nation's critical infrastructure. Earlier this year, in GAO's high-risk update, the area was further expanded to include protecting the privacy of personal information that is collected, maintained, and shared by both federal and nonfederal entities. This statement summarizes (1) cyber threats to federal systems, (2) challenges facing federal agencies in securing their systems and information, and (3) government-wide initiatives aimed at improving cybersecurity. In preparing this statement, GAO relied on its previously published and ongoing work in this area."
Government Accountability Office: http://www.gao.gov/