Description |
1 online resource (ii, 48 pages) : illustrations |
|
text txt rdacontent |
|
computer c rdamedia |
|
online resource cr rdacarrier |
Note |
"Audit Division 19-23." |
|
"March 2019." |
|
" ... we examined the FBI's adherence to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and the FBI Cyber Division Policy Guide 0853pg as well as other related policies." -- Executive summary. |
|
"The FBI established Cyber Guardian for tracking the production, dissemination, and disposition of cyber-victim notifications which can help victims mitigate the damage caused by cyber intrusions and increase the potential for intelligence collection by the FBI. However, we found that the data in Cyber Guardian was incomplete and unreliable, making the FBI unable to determine whether all victims are being notified. The quality of formal requests for investigative actions, called leads, set for victim notification was inconsistent. In addition, not all agents indexed victims within Sentinel, as required. Together, the inconsistent leads and indexing contributed to some notifications not being tracked property or taking place too long after the attack for the victim to effectively mitigate the threat to its system. Further, the Department of Homeland Security (DHS) -- a partner in using Cyber Guardian --was not entering information into the system as required, contributing to the incompleteness of data in Cyber Guardian. We also found that victims identified in national security cyber cases were not informed of their rights as required by the Attorney General Guidelines for Victim and Witness Assistance (AG Guidelines). The FBI plans to replace Cyber Guardian in fiscal year (FY) 2019 with CyNERGY, a new system which may solve some, but not all data quality issues." -- Executive summary. |
|
Report includes FBI's response to draft audit report. |
|
Description based on online resource; title from PDF cover (OIG.JUSTICE.gov website, viewed April 24, 2019). |
Subject |
United States. Federal Bureau of Investigation -- Information technology -- Evaluation.
|
|
United States. Federal Bureau of Investigation -- Management -- Evaluation.
|
|
Management audit.
|
|
Cyberterrorism -- United States -- Prevention -- Evaluation.
|
|
Computer networks -- Security measures -- United States.
|
|
National security -- United States.
|
|
United States. Federal Bureau of Investigation. (OCoLC)fst00528882
|
|
Management audit. (OCoLC)fst01007251
|
|
Computer networks -- Security measures.
(OCoLC)fst00872341
|
|
Information technology -- Evaluation. (OCoLC)fst00973102
|
|
Management -- Evaluation. (OCoLC)fst01007186
|
|
National security. (OCoLC)fst01033711
|
|
United States. (OCoLC)fst01204155
|
Added Author |
United States. Department of Justice. Office of the Inspector General, issuing body.
|
Note |
At head of title: Redacted for public release |
Gpo Item No. |
0718-C-01 (online) |
Sudoc No. |
J 37.2:C 99 |
|