Computer networks and infrastructures, on which the United States and much of the world rely to communicate and conduct business, contain vulnerabilities that can leave them susceptible to unauthorized access, disruption, or attack. Investing in research and development (R & D) is essential to protect critical systems and to enhance the cybersecurity of both the government and the private sector. Federal law has called for improvements in cybersecurity R & D, and, recently, President Obama has stated that advancing R & D is one of his administration's top priorities for improving cybersecurity. GAO was asked to determine the key challenges in enhancing national-level cybersecurity R & D efforts among the federal government and private companies. To do this, GAO consulted with officials from relevant federal agencies and experts from private sector companies and academic institutions as well as analyzed key documents, such as agencies' research plans. GAO is recommending that the Director of OSTP direct NITRD to exercise its leadership responsibilities by taking several actions, including developing a national agenda, and establishing and utilizing a mechanism to keep track of federal cybersecurity R & D funding. OSTP agreed with GAO's recommendation and provided details on planned actions.