2nd Edition

Tracking the trends and news for IT and IT Security

Paul Davis

GAO audit reveals federal agencies’ struggle to fully implement cybersecurity incident response …

GAO audit reveals federal agencies’ struggle to fully implement cybersecurity incident response …
Industrial Cyber – Anna Ribeiro
The U.S.
Government Accountability Office (GAO) audit revealed that while federal agencies have made progress in implementing incident response requirements, there remains a need for fuller implementation.
Specifically, out of the 23 civilian Chief Financial Officers (CFO) Act of 1990 agencies, 20 agencies have not fully met requirements for investigation and remediation (event logging) capabilities.
This incomplete implementation hinders the federal government’s ability to fully detect, investigate, and remediate cyber threats.
Furthermore, there has been limited progress in reaching the advanced (tier 3) level, where logging requirements at all criticality levels are met.
GAO interviewed officials and reviewed documentation from the 24 CFO Act agencies, Cybersecurity and Infrastructure Security Agency (CISA), and the Office of Management and Budget (OMB) to evaluate their capabilities and progress regarding cybersecurity incident response.
The watchdog’s report addressed challenges faced by agencies, including lack of staff, event logging technical challenges, and limitations in cyber threat information sharing.
Despite acknowledging progress in certain incident response areas, the audit identified that agencies had not fully met event logging requirements.
GAO made 20 recommendations for executive action to 19 agencies, including fully implementing event logging requirements.
Some agencies have agreed with the recommendations, while others neither agreed nor disagreed, indicating the ongoing efforts and challenges associated with cybersecurity incident response.
Additionally, the CISA director has been urged to provide additional detail to federal agencies on COOP planning and include the requirement to provide primary and secondary points of contact to CISA.
Link: https://industrialcyber.co/reports/gao-audit-reveals-federal-agencies-struggle-to-fully-implement-cybersecurity-incident-response-requirements/

Categories:

Tags: