GAO: DoD should clarify its role during cyber incidents

In April the Government Accountability Office (GAO) released a report suggesting the Department of Defense (DoD) clarify its roles and responsibilities for Defense Support to Civil Authorities (DSCA) during cyber incidents. The report, GAO-16-332, comes as the scale, frequency, and impact of cyber incidents grow.

Cyber threats loom over U.S. national and economic security, requiring DoD to be ready to support civil authorities in all domains. To prepare for this report, GAO reviewed DoD DSCA guidance, policies, and plans. GAO also met with relevant officials from DoD, National Guard Bureau, and Department of Homeland Security.

GAO found that while DoD has developed guidance for its support to civil authorities, the DoD guidance does not clearly define its roles and responsibilities for cyber incidents. DoD officials acknowledged the limitations of the current guidance, saying that the department had not yet determined the approach it would take to support civil authorities in a cyber event.

GAO recommended that DoD issue guidance that clarifies their roles and responsibilities to support civil authorities in a domestic cyber incident. DoD concurred with the recommendation.

For more information on GAO-16-332, please follow the link below.
GAO-16-332, Civil Support: DoD Needs to Clarify Its Roles and Responsibilities for Defense Support of Civil Authorities During Cyber Incidents