GAO: Protection center inadequate

GAO: Protection center inadequate

BY PREETI VASISHTHA | GCN STAFF

The National Infrastructure Protection Center has not yet developed analytical and information-sharing capabilities to adequately protect the nation's critical infrastructures, the General Accounting Office has asserted.

The center has issued analyses of single incidents, but it has limited ability to assess data on threat and vulnerability trends, according to a May GAO report, Critical Infrastructure Protection: Significant Challenges in Developing National Capabilities.

A major problem is that the center, which works under the auspices of the FBI, does not have adequate staff or technical expertise, GAO noted.

Also, no one has fully defined NIPC's responsibilities nor laid out how the center should collaborate with agencies that protect the government's critical infrastructure, the congressional watchdog agency said.

Presidential Decision Directive 63, issued in 1998, ordered the center to develop analytical capabilities to provide up-to-date information on threat conditions, system vulnerabilities and attacks.

Support you can use

The center has provided technical support to the FBI on systems attacks, GAO said. But progress has been mixed in establishing information-sharing partnerships with private-sector and other government groups.


GAO calls for NIPC changes

' Develop a comprehensive data collection and analysis framework

' Establish a national program for issuing alerts about cyberattacks

' Define its role in relation to other government agencies and the private sector

In a written response to GAO, NIPC director Ronald Dick said it's important that the center have adequate staffing, particularly from defense and intelligence communities.

He also emphasized that the center has been in existence for three years and its performance should be measured accordingly.

GAO also suggested that the assistant to the president for national security affairs encourage agencies and private-sector groups to better identify information necessary to combat computer attacks. The White House adviser should also make sure there are no discrepancies in how agencies report computer incident reporting, GAO said.

It further recommended that the attorney general have the FBI director formalize information-sharing relationships between NIPC and other organizations.

inside gcn

  • HPE SGI 8600

    New supercomputers headed to DOD

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group