Critial Infrastructure Protection: Significant Challenges in Protecting Federal Systems and Developing Analysis and Warning Capabilities
GENERAL ACCOUNTING OFFICE WASHINGTON DC
Pagination or Media Count:
I am pleased to be here today to discuss efforts to protect federal agency information systems and our nations critical computer-dependent infrastructures. Federal agencies, and other public and private entities, rely extensively on computerized systems and electronic data to support their missions. Accordingly, the security of these systems and data is essential to avoiding disruptions in critical operations, data tampering, fraud, and inappropriate disclosure of sensitive information. Today, I will provide an overview of our recent reports on federal information security and critical infrastructure protection. Specifically, I will summarize the pervasive nature of federal system weaknesses, outline the serious risks to federal operations, and then detail the specific types of weaknesses identified at federal agencies. I will also discuss the importance of establishing a strong agency wide security management framework and how new evaluation and reporting requirements can improve federal efforts. Next, I will provide an overview of the strategy described in Presidential Decision Directive PDD 33 for protecting our nations critical infrastructures from computer-based attacks. Finally, I will summarize the results of our recent report on the National Infrastructure Protection Center NIPC, an interagency center housed in the Federal Bureau of Investigation FBI, which is responsible for providing analysis, warning, and response capabilities for combating computer-based attacks.
- Computer Systems Management and Standards