The Government Accountability Office has found that the Department of Veterans Affairs still faces multiple cybersecurity challenges in the courseÂ of modernization.
VA must implement security controls to protect sensitive information, identifyÂ cybersecurity workforce needs, manage information technology supply chain risks and address known vulnerabilities, GAO said Thursday.
The department exhibited a lack ofÂ performance in financial reporting security reporting duringÂ fiscal year 2018, withÂ deficiencies inÂ access control,Â configuration management,Â contingency planning and other areas.
VA met six of 10 administration-imposedÂ cybersecurity goals and holds one ofÂ 18 agency information security programs that inspector generals identifyÂ as ineffective.
A total of 46 GAO-issued recommendations still remain unaddressed by VA.