Organizing Cyber Security

The Defense Department’s cyber security enterprise is too decentralized, leading to confusion among combatant commands as to who has the authority and responsibility to implement cyber operations, warned Government Accountability Office auditors Monday. They acknowledged that the standup of US Cyber Command and other organizational changes already in the works are a good first step; however, it’s too early to determine if the changes are working, according to GAO’s new report. The auditors recommended that DOD conduct a comprehensive department-wide assessment of cyber-related capability gaps and establish an implementation plan, and funding strategy, to resolve any gaps that may be identified. DOD agreed with the recommendations, according to the report. Earlier this month, the Pentagon released its first-ever cyberspace strategy. On Monday, Pentagon officials launched a new website to explain the strategy further and articulate DOD’s way ahead in cyberspace.