GAO: Protection center inadequate

GAO: Protection center inadequate


The National Infrastructure Protection Center has not yet developed analytical and information-sharing capabilities to adequately protect the nation's critical infrastructures, the General Accounting Office has asserted.

The center has issued analyses of single incidents, but it has limited ability to assess data on threat and vulnerability trends, according to a May GAO report, Critical Infrastructure Protection: Significant Challenges in Developing National Capabilities.

A major problem is that the center, which works under the auspices of the FBI, does not have adequate staff or technical expertise, GAO noted.

Also, no one has fully defined NIPC's responsibilities nor laid out how the center should collaborate with agencies that protect the government's critical infrastructure, the congressional watchdog agency said.

Presidential Decision Directive 63, issued in 1998, ordered the center to develop analytical capabilities to provide up-to-date information on threat conditions, system vulnerabilities and attacks.

Support you can use

The center has provided technical support to the FBI on systems attacks, GAO said. But progress has been mixed in establishing information-sharing partnerships with private-sector and other government groups.

GAO calls for NIPC changes

' Develop a comprehensive data collection and analysis framework

' Establish a national program for issuing alerts about cyberattacks

' Define its role in relation to other government agencies and the private sector

In a written response to GAO, NIPC director Ronald Dick said it's important that the center have adequate staffing, particularly from defense and intelligence communities.

He also emphasized that the center has been in existence for three years and its performance should be measured accordingly.

GAO also suggested that the assistant to the president for national security affairs encourage agencies and private-sector groups to better identify information necessary to combat computer attacks. The White House adviser should also make sure there are no discrepancies in how agencies report computer incident reporting, GAO said.

It further recommended that the attorney general have the FBI director formalize information-sharing relationships between NIPC and other organizations.


  • 2020 Government Innovation Awards
    Government Innovation Awards -

    21 Public Sector Innovation award winners

    These projects at the federal, state and local levels show just how transformative government IT can be.

  • Federal 100 Awards
    cheering federal workers

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

Stay Connected