As the U.S. faces increased foreign cyber threats, the Department of State said in 2019 that it would stand up a Bureau of Cyberspace Security and Emerging Technologies (CSET) to address these threats, but according to the Government Accountability Office (GAO), State hasn’t informed or involved other partners in the bureau planning, which could increase risks of duplicating efforts.
“GAO’s prior work on government reorganization has shown that it is important for agencies to involve other agency stakeholders in developing proposed reforms to obtain their views,” GAO said in its report. “Without involving and communicating with agency partners on its reorganization plan, State lacks assurance that it will effectively achieve its goals for establishing CSET, and it increases the risk of negative effects from unnecessary fragmentation, overlap, and duplication of cyber diplomacy efforts.”
On the request of the House Committee on Foreign Affairs, GAO looked into how State involved the Departments of Commerce, Defense, Energy, Homeland Security, Justice, and Treasury, and officials from each of the six agencies told GAO that State “did not inform or involve them in the development of its plan to establish CSET.”
GAO recommends that State work to involve Federal agencies to get their views and identify risks, such as unnecessary fragmentation, overlap, and duplication of efforts related to establishing CSET. State did not concur with the recommendation.
“State did not concur, citing that other agencies are not stakeholders in an internal State reform, and that it was unware that these agencies had consulted with State before reorganizing their own cyberspace security organizations,” GAO wrote, adding that it stands by its recommendation.
The GAO report said State’s plan for a CSET bureau has not been implemented as of August.