DHS needs to improve the security posture of its cybersecurity program systems

Cyber threats pose a significant risk to economic and national security. In response to these threats, the President, legislators, experts, and others have characterized cybersecurity, or measures taken to protect a computer or computer system against unauthorized access or attack, as a pressing national security issue. The National Cyber Security Division (NCSD) was established to serve as the national focal point for addressing cybersecurity issues in the public and private sectors. The United States Computer Emergency Readiness Team (US-CERT), created under NCSD, is responsible for compiling and analyzing information about cybersecurity incidents and providing timely technical assistance to operators of agency information systems regarding security incidents. The team provides response support and defense against cyber attacks for the federal civil executive branch (.gov); disseminates reasoned and actionable cybersecurity information to the public; and facilitates information sharing with state and local government, industry, and international partners. Our audit focused on the security of the systems that US-CERT uses to accomplish its cybersecurity mission. Overall, NCSD has implemented adequate physical security and logical access controls over the cybersecurity program systems used to collect, process, and disseminate cyber threat and warning information to the public and private sectors. However, a significant effort is needed to address existing security issues in order to implement a robust program that will enhance the cybersecurity posture of the federal government. To ensure the confidentiality, integrity, and availability of its cybersecurity information, NCSD needs to focus on deploying timely system security patches to mitigate risks to its cybersecurity program systems, finalizing system security documentation, and ensuring adherence to departmental security policies and procedures.