According to the Government Accountability Office (GAO), the government's infrastructure sectors' plans lack protection against cyberattacks and disaster, pointing out that none of the sectors included all 30 cybersecurity criteria, such as key vulnerabilities and measures to reduce them. Among the 17 sectors of the government, information technology and communications had the strongest cybersecurity plans, and the agriculture, food and commercial sectors were the least comprehensive, according to David Powner, director of GAO's information technology management issues.
The Homeland Security Department provided a national plan last year for the sectors as a guide for their individual plans. Greg Garcia, DHS’ assistant secretary for cybersecurity and communications, said that DHS acknowledged the shortcomings based on GAO's findings, but he explained that these sector plans, released in May, represent only early efforts. Garcia further added that "sectors are not meant to be uniformly comprehensive in their cybersecurity efforts, and they must balance cybersecurity risk against other risk management efforts and unique aspects of their infrastructure 'based on its dependence on cyber elements.'" GAO recommended that DHS fully address the cybersecurity criteria by September 2008.
Read full article here.