Citation Edit

Government Accountability Office, Cybersecurity: Continued Efforts Are Needed to Protect Information Systems From Evolving Threats (GAO-10-230T) (Nov. 17, 2009) (full-text).

Overview Edit

In this prepared statement, the GAO identifies significant weaknesses in the security controls on federal information systems, resulting in pervasive vulnerabilities. These include deficiencies in the security of financial systems and information and vulnerabilities in other critical federal information systems. GAO has identified weaknesses in all major categories of information security controls at federal agencies.

This statement describes (1) cyber threats to federal information systems and cyber-based critical infrastructures, (2) control deficiencies that make these systems and infrastructures vulnerable to those threats, and (3) opportunities that exist for improving federal cybersecurity.