DHS, Other Agencies Still Lacking Performance Metrics on Private Sector Cybersecurity, GAO Says
The Department of Homeland Security and other sector-specific agencies (SSAs) “are acting to address sector cyber risk, but additional monitoring actions could enhance their respective sectors’ cybersecurity posture,” said a GAO report. Only three departments -- Defense, Energy and Health…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
and Human Services -- have “established performance metrics” that effectively measure progress, GAO said Thursday. DHS, which is the SSA for the communications sector and eight other critical infrastructure sectors, hasn’t developed performance metrics for any of its sectors, “although according to agency officials, such efforts are under way,” GAO said. DHS officials have said they’ve proposed performance metrics for the communications and information technology sector that should be implemented through 2018. DHS also collaborated in cross-sector cybersecurity work, including via the FCC Communications Security, Reliability and Interoperability Council, GAO said.