Access controls

Access controls fall short in most agencies

If access control is the front line of cyber defense, federal agencies are in a vulnerable position, according to the Government Accountability Office. All 24 of the major executive branch agencies evaluated by the GAO had weaknesses in access control in fiscal 2011, the latest year for such an evaluation.

GAO analyzed inspector general and other reports to identify weaknesses in five critical areas of security controls, including configuration management, segregation of duties, continuity of operations planning and information security programs.

Most agencies showed weaknesses in all of these areas, but access control was the only area in which all agencies were lacking. Consistent shortfalls such as this are one reason information security has been designated a high-risk area by GAO since before the turn of this century.

The weaknesses persist despite the attention to cybersecurity of several successive administrations, according to the GAO, which identified seven significant challenges to enhancing federal cybersecurity and the nation’s critical infrastructure:

  • Implementing actions recommended by the president’s cybersecurity policy review
  • Updating the national strategy for securing the information and communications infrastructure
  • Reassessing the Department of Homeland Security’s planning approach to critical infrastructure protection
  • Strengthening public-private partnerships, particularly for information sharing
  • Enhancing the national capability for cyber warning and analysis
  • Addressing global aspects of cybersecurity and governance
  • Securing the modernized electricity grid, referred to as the smart grid.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • AI regulation

    Congress takes first steps toward regulating artificial intelligence

Reader Comments

Mon, Sep 22, 2014

And this is news because.......???

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group