Critical Infrastructure Protection, DHS Has Made Progress in Enhancing Critical Infrastructure Assessments, but Additional Improvements Are Needed, Statement of Chris Currie, Director, Homeland Security and Justice, Testimony Before the Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies, Committee on Homeland Security, House of Representatives [open pdf - 528KB]
"Protecting the security of CI [Critical Infrastructure] is a top priority for the nation. CI includes assets and systems, whether physical or cyber, that are so vital to the United States that their destruction would have a debilitating impact on, among other things, national security or the economy. Multiple federal entities, including DHS, are involved in assessing CI vulnerabilities, and assessment fatigue could impede DHS's ability to garner the participation of CI owners and operators in its voluntary assessment activities. This testimony summarizes past GAO [Government Accountability Office] findings on progress made and improvements needed in DHS's vulnerability assessments, such as addressing potential duplication and gaps in these efforts. This statement is based on products GAO issued from May 2012 through October 2015 and recommendation follow-up conducted through March 2016. GAO reviewed applicable laws, regulations, directives, and policies from selected programs. GAO interviewed officials responsible for administering these programs and assessed related data. GAO interviewed and surveyed a range of stakeholders, including federal officials, and CI owners and operators."
Government Accountability Office: http://www.gao.gov/