Critical Infrastructure Protection: National Cybersecurity Strategy Needs to Address Information Sharing Performance Measures and Methods

What GAO Found


The nation's 16 critical infrastructure sectors rely on electronic systems to provide essential services such as electricity, communications, and financial services. Federal entities have key roles in helping to protect these sectors.


  • The Office of the National Cyber Director (ONCD) is to advise the President on cybersecurity policy and strategy, and lead the coordination of implementation of the March 2023 National Cybersecurity Strategy.

  • The Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is to coordinate the overall federal effort to promote the security of the nation's critical infrastructure, including the sharing of threat information.

  • The FBI is to lead counterterrorism and counterintelligence investigations and related law enforcement activities across the critical infrastructure sectors and share related cyber threat information.

  • CISA and 12 other agencies are sector risk management agencies responsible for providing specialized expertise for protecting the cybersecurity of their assigned sectors (e.g., Department of Energy and the energy sector), to include the sharing of sector-specific threat information.

The 14 federal agencies in GAO's review—CISA, FBI, and the other 12 sector risk management agencies—reported relying on 11 methods to facilitate sharing of cyber threat information with critical infrastructure owners and operators. As shown in figure 1, these agencies used each of the 11 methods to varying degrees (see the numbers next to each method).


    Figure 1: Number of Methods Used by 14 Federal Agencies Sharing Cyber Threat Information



    The 14 agencies varied in the number of information sharing methods that they each used. Specifically, four agencies—the Department of Defense, the Department of Energy, CISA, and FBI—used more than half of the 11 sharing methods and 10 agencies used fewer than half of the 11 sharing methods.


    The agencies ..
