https://www.nextgov.com/cybersecurity/2019/07/agencies-still-falling-short-cyber-standards-gao-says/158783/
By Jack Corrigan,
Staff Correspondent
Nextgov.com
July 29, 2019
Many major federal agencies are dropping the ball when it comes to basic
cybersecurity practices despite thousands of watchdog recommendations and
an expanding array of digital threats, according to the Government
Accountability Office.
Last year, federal auditors revealed that most agencies don’t understand
the cybersecurity risks they face, and even fewer have put in place
sufficient safeguards to defend against those threats, GAO said in a
report published Friday. Many also lack proper policies for responding to
intrusions and recovering from attacks, according to auditors.
The report, which summarizes numerous assessments from GAO and agency
inspectors general, highlight the government’s long-standing struggle to
translate IT security from paper to practice.
“IT systems are often riddled with security vulnerabilities,” auditors
wrote in the report. “These vulnerabilities can facilitate security
incidents and cyberattacks that disrupt critical operations; lead to
inappropriate access to and disclosure, modification, or destruction of
sensitive information; and threaten national security, economic
well-being, and public health and safety.”
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
