DHS, Other Agencies Still Lacking Performance Metrics on Private Sector Cybersecurity, GAO Says
The Department of Homeland Security and other sector-specific agencies (SSAs) “are acting to address sector cyber risk, but additional monitoring actions could enhance their respective sectors’ cybersecurity posture,” said a GAO report. Only three departments -- Defense, Energy and Health…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
and Human Services -- have “established performance metrics” that effectively measure progress, GAO said Thursday. DHS, which is the SSA for the communications sector and eight other critical infrastructure sectors, hasn’t developed performance metrics for any of its sectors, “although according to agency officials, such efforts are under way,” GAO said. DHS officials have said they’ve proposed performance metrics for the communications and information technology sector that should be implemented through 2018. DHS also collaborated in cross-sector cybersecurity work, including via the FCC Communications Security, Reliability and Interoperability Council, GAO said.