The Government Accountability Office has recommended that the federal government complete the implementation of the leadership and oversight requirements outlined in a 2021 executive order on protecting federal information technology systems from cyberattacks.
In a new report published Thursday, GAO said the Cybersecurity and Infrastructure Security Agency, the National Institute of Standards and Technology and the Office of Management and Budget have fully completed 49 of the 55 requirements and partially completed five.
One requirement related to standardizing a playbook for responding to cybersecurity vulnerabilities and incidents was flagged not applicable.
GAO recommended that the director of CISA issue its list of software and software product categories considered critical software and improve the operations of the Cyber Safety Review Board.
The agency also outlined three recommendations for OMB, including demonstrating that it has coordinated with pertinent agencies regarding resourcing needs for implementing an endpoint detection and response capability and logging, log retention and log management capabilities.
The Potomac Officers Club will host the 2024 Cyber Summit on June 6 to hear from government and industry experts about the dynamic and ever-evolving role of cyber in the public sector. Register here!
