GAO Cyber Crime Report Released, Plans Announced to Improve Private Sector Cyber Security

Photo: Congressman Bennie G. Thompson 


Monday, Congressman Bennie G. Thompson Chairman of the Committee on Homeland Security, and Congressman James R. Langevin, Chairman of the Subcommittee on Emerging Threats, Cyber security, Science and Technology released a report conducted by the Government Accountability Office (GAO) on public and private challenges in addressing cyber crime.

The GAO reaffirms the threat that cyber crime poses to U.S. national and economic security interests. In 2005, the Federal Bureau of Investigation estimated American businesses lost $67.2 billion due to computer crime. Threats come both from at home and abroad; though many cyber attacks originate on U.S. soil, foreign adversaries continue to make public statements about exploiting vulnerabilities in technology to their advantage.

According to the GAO, the public and private sectors face numerous challenges to secure cyberspace, both in operational security and in law enforcement. Both public and private sectors have run into difficulties detecting or reporting cyber crime; the sectors have struggled to implement strong information security programs; there is a lack of adequate law enforcement analytical and technical capabilities to confront these challenges; and the borderless environment of cyber security makes it difficult for law enforcement to hold accountable those who break laws.

Chairman Thompson issued the following statement regarding the findings:

"When it comes to cyber, we have two worlds to secure -- the public and the private sector. In order to provide leadership to the private sector, the Department of Homeland Security must demonstrate control of its networks. Unfortunately, previous GAO engagements and our own investigations into the department have shown that 'information security' has become an oxymoron. This is simply unacceptable. This administration and the department's leadership may continue to disregard these problems, but this committee will continue to demand accountability from the government contractors and employees charged with securing information networks."

Chairman Langevin added:

"I encourage all businesses -- small and large -- to take a very close look at their cyber security practices. Though 100 percent security may be unattainable, there are many policies and procedures that businesses can implement to better safeguard their data.

Just as the government must improve its cyber security posture, so too must the private sector. The private sector is the nation's economic engine and the owner of a great majority of the national critical infrastructure. American businesses must come to realize that the security of the information that they keep is as important as the bottom line. In the upcoming months, this committee will lead the conversation about ways to spur private sector investment in cyber security. Recently, Assistant Secretary for Cyber security and Telecommunications Greg Garcia asked us to consider legislation to help make the case for private investment. In addition to our efforts designed to improve Federal network security, I will work with Chairman Thompson to identify plans for incentives and liabilities that will improve private sector cyber security."

PDF Version of Report