U.S. GAO Recommends Urgent Need For Federal Agencies to Increase Cybersecurity Infrastructure

Written By Haley Metteauer

On December 2, 2021, the United States Government Accountability Office (GAO) released a report evaluating the federal government's cybersecurity infrastructure, recommending changes to be implemented by the agency.

The report established the following four major cybersecurity challenges currently facing the nation and critical actions to meet these challenges:

Challenge #1:  establish a comprehensive cybersecurity strategy and perform effective oversight

Critical Actions:

  • Develop and execute a more comprehensive federal strategy for national cyber security and global cyberspace

  • Mitigate global supply chain risk (e.g., installation of malicious software or hardware)

  • Address cyber security workforce management challenges

  • Ensured the security of emerging technologies (e.g., artificial intelligence and Internet of Things)

Challenge #2: secure federal systems and information

Critical Actions:

  • Improve implementation of government-wide cybersecurity initiatives

  • Address weaknesses in federal agency information security programs

  • Enhance the federal response to cyber incidents

Challenge #3: protect cyber critical infrastructure

Critical Actions:

  • Strengthen the federal role in protecting the cybersecurity of critical infrastructure (e.g., electricity grid and telecommunications networks)

Challenge 4: protect privacy and sensitive data

                  Critical Actions:

  • Improve federal efforts to protect privacy and sensitive data

  • Appropriately limit the collection and use of personal information and ensure that it is obtained with appropriate knowledge or consent

According to the report, the GAO has made about 3,700 recommendations to agencies aimed at remedying cybersecurity shortcomings since 2010 and approximately 2,800 have been implemented. Accordingly, there is a great likelihood that these recommendations will be implemented or used for further legislative efforts.

If you have any questions or concerns about how this report could impact your organization, please contact Kennedy Sutherland.

Haley Metteauer
Previous

FINRA Issues Multi-Million Dollar Fine After Consumer Recordkeeping Violations
Next

OCC Releases Fall Report on Cybersecurity Elevated Risks