Brian Krebs at the Washington Post reports:
The Department of Homeland Security today received more lumps for failing to implement programs to protect the nation’s most vital computer systems from attack or disruption. The Government Accountability Office issued a report today concluding that the department’s failure to make meaningful progress on its myriad cyber-security programs was due largely to organizational and staffing problems.
The GAO report has a section entitled “DHS Has 13 Key Cybersecurity Responsibilities.” Things like “Develop a national plan for critical infrastructure protection that includes cybersecurity.” And “Support efforts to reduce cyber threats and vulnerabilities.” And “Integrate cybersecurity with national
security.”
Unfortunately, the auditors say: “DHS has not yet developed national cyber threat and vulnerability assessments or developed and exercised government and government/industry contingency recovery plans for cybersecurity, including a plan for recovering key Internet functions.”
Gee. Maybe the Department of Homeland Security would get better results if they spent more time actually protecting, you know, homeland security instead of busting people trading movies over BitTorrent. Which, by the way, isn’t anywhere on that list of 13 key scybersecurity responsibilities.
Ed Bott 