The Government Accountability Office (GAO) plans to issue a report in fiscal year 2022 about the impact of technology adoption driven by mass telework on federal agencies’ cybersecurity posture, Federal News Network reported Wednesday.
Jennifer Franks, director of information technology and cybersecurity at GAO, said Tuesday at a webinar she cannot discuss the report’s findings but noted an expansion in agencies’ threat surface as more employees shifted to remote work during the COVID-19 pandemic.
“And that this was a risk agencies were willing to indeed accept to maintain the health and safety of their employees, among other reasons, during the pandemic,” Franks said.
She called on agencies to adopt zero trust and implement proactive threat hunting measures. She also noted that the congressional watchdog intends to broaden its reviews in the near future to include risks to supply chains amid recent cyberattacks.
“So now not only do agencies have to worry about their network, but now we have to worry about the networks of the entities of supposed ‘trusted’ partners and suppliers,” Franks added.
ExecutiveBiz, sister site of GovConDaily and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.