The Government Accountability Office found that 20 federal agencies failed to meet the standards for cybersecurity incident response preparedness due to staff shortage, IT challenges and limitations in information sharing.
A GAO report released Monday showed that while the government departments have made progress in cyber threat response, there are still gaps in event logging, investigation and remediation.
The government watchdog investigated the 23 agencies covered by the Chief Financial Officers Act of 1990, which was established to improve financial management and disclosure across the departments.
GAO learned that the all of the agencies completed required activities under the Cybersecurity and Infrastructure Security Agency playbook. However, 20 of the offices failed to reach maturity level 3 of the Office of Management and Budget’s M-21-31 memorandum on cyber incident investigative and remediation capability assessment.
The report’s main recommendation to the concerned departments was to fully implement requirements for event logging. It also suggested 19 other courses of action, including additional details on continuity of operations planning in the CISA Federal Government Cybersecurity Incident and Vulnerability Response Playbooks.
