Threat Assessment: DHS' Need to Leverage Public and Private Stakeholders
Planning, prioritizing and coordinating threat and vulnerability assessments remains a key challenge for the Department of Homeland Security. In recent Senate testimony, a GAO official noted that in May 2005 the organization reported to DHS on the progress the Department made "in planning and coordinating efforts to enhance cybersecurity...." However, the May GAO Report also noted that DHS had "not completed legislatively mandated threat and risk assessments to set priorities and to focus its limited resources to mitigate the greatest risk."

In their July testimony, GAO noted that they recently met with "DHS's acting director for cybersecurity who told us that DHS agreed with our findings and has initiated plans to address our recommendations." Furthermore, the DHS official acknowledged that the Department "has not adequately leveraged their public and private stakeholders in a prioritized manner and it plans to begin its prioritized approach by focusing stakeholders on information sharing, preparedness, and recovery."

GAO informed the Senate that "DHS has made progress in planning and coordinating efforts to enhance cybersecurity but more work remains to be done...including conducting important threat and vulnerability assessments and recovery plans."

DHS's initiatives to conduct threat and vulnerability assessments and recovery plans provides an excellent opportunity for the Department to develop and strengthen mechanisms, formal and informal, for leveraging their relationships with public and private stakeholders.