Critical Infrastructure Protection: Challenges and Efforts to Secure Control Systems: GAO-04-354

Dacey, Robert F.
March 2004
GAO Reports;3/15/2004, p1
Government Documents
Computerized control systems perform vital functions across many of our nation's critical infrastructures. For example, in natural gas distribution, they can monitor and control the pressure and flow of gas through pipelines. In October 1997, the President's Commission on Critical Infrastructure Protection emphasized the increasing vulnerability of control systems to cyber attacks. The House Committee on Government Reform and its Subcommittee on Technology, Information Policy, Intergovernmental Relations and the Census asked GAO to report on potential cyber vulnerabilities, focusing on (1) significant cybersecurity risks associated with control systems (2) potential and reported cyber attacks against these systems (3) key challenges to securing control systems and (4) efforts to strengthen the cybersecurity of control systems. In addition to general cyber threats, which have been steadily increasing, several factors have contributed to the escalation of the risks of cyber attacks against control systems. These include the adoption of standardized technologies with known vulnerabilities and the increased connectivity of control systems to other systems. Control systems can be vulnerable to a variety of attacks, examples of which have already occurred. Successful attacks on control systems could have devastating consequences, such as endangering public health and safety. Securing control systems poses significant challenges, including limited specialized security technologies and lack of economic justification. The government, academia, and private industry have initiated efforts to strengthen the cybersecurity of control systems. The President's National Strategy to Secure Cyberspace establishes a role for DHS to coordinate with these entities to improve the cybersecurity of control systems. While some coordination is occurring, DHS's coordination of these efforts could accelerate the development and implementation of more secure systems. Without effective coordination of these efforts, there is a risk of delaying the development and implementation of more secure systems to manage our critical infrastructures.


Related Articles

  • Information Security: Technologies to Secure Federal Systems: GAO-04-467.  // GAO Reports;3/9/2004, p1 

    Federal agencies rely extensively on computerized information systems and electronic data to carry out their missions. The security of these systems and date is essential to preventing data tampering, disruptions in critical operations, fraud, and inappropriate disclosure of sensitive...

  • 'High-Risk' Finance At the Federal Level. O'Meara, Kelly Patricia // Insight on the News;9/2/2003, Vol. 19 Issue 19, p21 

    Focuses on the failure of federal agencies to account for taxpayer funds in the U.S. Information on status reports provided by David Walker, comptroller general to the General Accounting Office about agencies engaged in dubious accounting practices; Inclusion of the Department of Homeland...

  • DHS Needs To Provide More Cyber Information Help To Private Sector, GAO Says. Biesecker, Calvin // Defense Daily;3/17/2011, Vol. 249 Issue 51, p8 

    The article reports on Greg Wilshusen, director of Information Security Issues at U.S. Government Accountability Office (GAO), who has said that private sector organizations want timely information about cyber threats and alerts from the Department of Homeland Security (DHS), yet most...

  • The Feds Are Not Concerned About Your Privacy. Mast, Lucas // Business Journal (Central New York);10/06/2000, Vol. 14 Issue 40, p35 

    Reports on the United States General Accounting Office's audit of computer security at 20 federal agencies. Computer systems susceptible to break-ins; Information from the Library of Congress.

  • DEPARTMENT OF HOMELAND SECURITY.  // Federal Register (National Archives & Records Service, Office of;12/11/2012, Vol. 77 Issue 238, p73669 

    The article presents a response to comments received for The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research. It states that the research, also called The Menlo Report, is intended for Protected Repository for the Defense of Infrastructure Against Cyber...

  • Senate cybersecurity bill would allow firms to appeal regulations. Nagesh, Gautham // Hill;2/14/2012, Vol. 19 Issue 19, p12 

    The article reports on the comprehensive cybersecurity bill, which will be introduced by the leadership of the U.S. Senate Homeland Security Committee on February 21, 2012, that would allow firms to appeal whether new security regulations should apply to their sector in the U.S.

  • A High-Tech Achilles Heel. Whitelaw, Kevin // U.S. News & World Report;11/5/2007, Vol. 143 Issue 16, p39 

    The article discusses a test conducted by the U.S. Idaho National Laboratory designed to replicate a computer attack on a power plant control system. The test was funded by the Department of Homeland Security and conducted ahead of expected requests from the administration of President George W....

  • Storm Warning. Pulliam, Daniel // Government Executive;Jan2007, Vol. 39 Issue 1, p30 

    The article focuses on the relevance of the Cyber Storm, an exercise on cyber attack conducted by the U.S. Homeland Security Department in February 2006. The Department spent $3 million to mount the Cyber Storm. The Cyber Storm was participated by self-selected volunteers who already have...

  • Feds to Take a Bite Out of Cybercrime. Eggerton, John // Multichannel News;5/16/2011, Vol. 32 Issue 20, p8 

    The article reports that the administration of U.S. President Barack Obama wants to work with the Department of Homeland Security to boost the cybersecurity framework which includes the requirement of regular reporting and sharing data with law enforcement and government through the critical...


Read the Article


Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics