Skip to main content

GAO: Information logjam leaves U.S. more vulnerable to cyberattack

  • General Accountability Office: Private, public sectors not sharing key information
  • Report cites "a multitude of threats including terrorists, criminals and hostile nations"
  • Report uges public and private sectors to form more effective partnerships

Washington (CNN) -- The public and private sector are not doing enough to share information that could help prevent a catastrophic cyberattack on the nation's critical infrastructure, according to a report by the General Accountability Office released on Monday.

The GAO found that the public sector was not consistently providing timely cyberthreat information and alerts to the private sector, and the private sector was not always sharing its proprietary information with its federal partners for fear of public disclosure.

The GAO, the investigative arm of Congress, focused on five critical infrastructure sectors owned mostly by private industry: communications; defense industrial base; energy; banking and finance; and information technology.

In its letter to Congress, the GAO said, "It is vital that the public and private sectors form effective partnerships to successfully protect these cyber-reliant critical assets from a multitude of threats including terrorists, criminals and hostile nations."

The report concluded that: "Without improvements in meeting private and public sector expectations, the partnerships will remain less than optimal, and there is a risk that owners of critical infrastructure will not have the appropriate information and mechanisms to thwart sophisticated cyber attacks that could have catastrophic effects on our nation's cyber-reliant critical infrastructure."

Rep. Bennie Thompson, Mississippi Democrat and chairman of the House Homeland Security Committee, said, "The report shows that in our nation's cybersecurity efforts, the public and private sectors are not always on the same page and information sharing is not at its best."

Rep. Yvette Clark, D-New York, said the "public and private stakeholders must do away with unnecessary processes to adequately leverage and integrate their capabilities to protect our nation's infrastructure from potential cyberattacks."

The GAO report recommended that the White House Cyber Coordinator and the Secretary of Homeland Security work with its federal and private partners to improve the sharing and protection of information.


Most popular Tech stories right now