CRITICAL INFRASTRUCTURE PROTECTION: Significant Challenges in Developing Analysis, Warning, and Response Capabilities

Dacey, Robert F.

CRITICAL INFRASTRUCTURE PROTECTION: Significant Challenges in Developing Analysis, Warning, and Response Capabilities

Active / Technical Report | Accession Number: ADA394175 |

Open PDF

Abstract:

The National Infrastructure Protection Center NIPC is an important part of the governments strategy to protect the U.S. infrastructures from hostile attacks, especially computer-based attacks. This testimony draws on a recent GAO report on NIPCs progress in developing national capabilities for analyzing cyber threats and vulnerability data and issuing warnings, enhancing its capabilities for responding to cyber attacks, and establishing information-sharing relationships with governments and private-sector entities. GAO found that NIPCs progress been mixed. NIPC began various critical infrastructure protection efforts that have laid the foundation for future governmentwide efforts. NIPC has also provided valuable support in investigating and responding to attacks on computers. However, the analytical and information-sharing capabilities that are needed to protect the nations critical infrastructures have yet to be achieved, and NIPC has developed only limited warning capabilities. This slow progress is due in part to the fact that NIPCs roles and responsibilities have not been fully defined and are not consistently interpreted by other entities involved in the governments broader critical infrastructure protection strategy. This report summarized an April report GAO-01-323.

Author(s):

Dacey, Robert F.

Author Organization(s):

GENERAL ACCOUNTING OFFICE WASHINGTON DC

Pagination:

0013

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

RECORD

Collection: TR

Identifying Numbers

Report Number(s):

GAO-01-1005T

Monitor Series:

XD

Subject Terms

Joint Capability Areas:

JCA_5_Command and Control; JCA_5.2_Understand; JCA_5.3_Planning; JCA_5.2.3_Share Knowledge and Situational Awareness; JCA_6_Net Centric; JCA_7_Protection; JCA_7.2.1_Mitigate Lethal Effects; JCA_7.2_Mitigate; JCA_5.2.2_Develop Knowledge and Situational Awareness; JCA_5.5_Direct; JCA_2_Battlespace Awareness; JCA_2.1_Planning and Direction; JCA_6.2.1_Information Sharing; JCA_6.2.2_Computing Services; JCA_5.5.1_Communicate Intent and Guidance; JCA_5.3.1_Analyze Problem; JCA_8_Building Partnerships; JCA_6.4.1_Secure Information Exchange; JCA_3_Force Application; JCA_6.4_Information Assurance; JCA_8.2_Shape

Modernization Areas:

Cyber

Communities of Interest:

No COI(s) Identified

Descriptor(s):

*NATIONAL SECURITY, *DATA PROCESSING SECURITY, UNITED STATES, POLICIES, INFORMATION SYSTEMS, VULNERABILITY, COMPUTER APPLICATIONS, DIRECTIVES, ELECTRONIC SECURITY, WARNING SYSTEMS, INFRASTRUCTURE

Field(s)/Group(s):

Computer Systems Management and Standards, Military Intelligence

Keyword(s):

NIPC(NATIONAL INFRASTRUCTURE PROTECTION CENTER), PDD 63(PRESIDENTIAL DECISION DIRECTIVE 63)

Report Date:

2001 Jul 25

Creation Date:

2001 Oct 17