Critical Infrastructure Protection: Significant Challenges in Developing Analysis, Warning, and Response Capabilities Page: 2 of 11
This text is part of the collection entitled: Government Accountability Office Reports and was provided to UNT Digital Library by the UNT Libraries Government Documents Department.
Extracted Text
The following text was automatically extracted from the image on this page using optical character recognition software:
Madam Chairwoman and Members of the Subcommittee:
I am pleased to be here today to discuss our review of the National
Infrastructure Protection Center (NIPC). As you know, the NIPC is an
important element of our government's strategy to protect our national
infrastructures from hostile attacks, especially computer-based attacks.
This strategy was outlined in Presidential Decision Directive (PDD) 63,
which was issued in May 1998.
My statement summarizes the key findings in our report on the NIPC,
which you released in May.1 That report is the result of an evaluation we
performed at the request of you, Madam Chairwoman; Senator Kyl; and
Senator Grassley. As you requested, the report describes the NIPC's
progress in developing national capabilities for analyzing cyber threats and
vulnerability data and issuing warnings, enhancing its capabilities for
responding to cyber attacks, and establishing information-sharing
relationships with government and private-sector entities.
Overall, we found that progress in developing the analysis, warning, and
information-sharing capabilities called for in PDD 63 has been mixed. The
NIPC has initiated a variety of critical infrastructure protection efforts that
have laid a foundation for future governmentwide efforts. In addition, it
has provided valuable support and coordination related to investigating
and otherwise responding to attacks on computers. However, at the close
of our review in February 2001, the analytical and information-sharing
capabilities that PDD 63 asserts are needed to protect the nation's critical
infrastructures had not yet been achieved, and the NIPC had developed
only limited warning capabilities. Developing such capabilities is a
formidable task that experts say will take an intense interagency effort. An
underlying contributor to the slow progress is that the NIPC's roles and
responsibilities had not been fully defined and were not consistently
interpreted by other entities involved in the government's broader critical
infrastructure protection strategy. Further, these entities had not provided
the information and support, including detailees, to the NIPC that was
envisioned by PDD 63.
The NIPC is aware of the challenges it faces and has taken some steps to
address them. In addition, the administration is reviewing the federal
critical infrastructure protection strategy, including the way the federal
government is organized to manage this effort. Our report includes a
1 Critical Infrastructure Protection: Significant Challenges in Developing National Capabilities (GAO-
01-323, April 25, 2001).GAO-01-1005T
Page 1
Upcoming Pages
Here’s what’s next.
Search Inside
This text can be searched. Note: Results may vary based on the legibility of text within the document.
Tools / Downloads
Get a copy of this page or view the extracted text.
Citing and Sharing
Basic information for referencing this web page. We also provide extended guidance on usage rights, references, copying or embedding.
Reference the current page of this Text.
United States. General Accounting Office. Critical Infrastructure Protection: Significant Challenges in Developing Analysis, Warning, and Response Capabilities, text, July 25, 2001; Washington D.C.. (https://digital.library.unt.edu/ark:/67531/metadc289960/m1/2/: accessed April 25, 2024), University of North Texas Libraries, UNT Digital Library, https://digital.library.unt.edu; crediting UNT Libraries Government Documents Department.