GAO Issues Report Reiterating the Need for Strong Cybersecurity Controls across Federal Agencies
The United States Government Accountability Office ("GAO") issued a follow-up report to a study conducted in June in response to recent data breaches at federal agencies. The report offered recommendations to improve government-wide cybersecurity initiatives.
In the report, GAO identified a number of challenges faced by federal agencies regarding threats to cybersecurity which include:
- designing and implementing a risk-based cybersecurity program;
- enhancing the oversight of contractors who provide IT services;
- improving security-incident-response activities;
- responding to breaches of personal information; and
- implementing cybersecurity programs at small agencies.
The GAO also recommended that agencies establish a "multi-layered, 'defense-in-depth'" approach to security that includes well-trained personnel, consistently applied processes and appropriate technologies. In an effort to improve cybersecurity across the Federal Government, the report reiterated that GAO is engaged in a number of current initiatives.
See: GAO Report; GAO Summary.