Dive Brief:
- The Department of Homeland Security's National Cybersecurity Protection System is partially, but not fully, meeting its stated system objectives, according to a new report from the Government Accountability Office.
- The 23 agencies required to implement NCPS have adopted it to varying degrees, the report said, but only five of the 23 agencies are receiving intrusion prevention services, for example.
- While DHS has developed metrics for measuring NCPS' performance, the report said, they “do not gauge the quality, accuracy, or effectiveness of the system's intrusion detection and prevention capabilities.”
Dive Insight:
NCPS is intended to provide the government “capabilities to detect malicious traffic traversing federal agencies' computer networks, prevent intrusions and support data analytics and information sharing,” according to the report.
The GAO report found that NCPS offers the DHS "only a limited ability to detect potentially malicious activity entering and exiting computer networks at federal agencies" and the agency has yet to develop most of the planned functionality for NCPS's information-sharing capability. Also, DHS has not defined requirements for capabilities to detect malware on customer agency internal networks or threats entering and exiting cloud service providers.
The GAO report, requested in 2014, did note that DHS has worked to overcome its policy and implementation barriers.