GAO Urges Action to Address Critical Cybersecurity Challenges Facing U.S.

A report from the Government Accountability Office highlighted an urgent need to address critical cybersecurity challenges facing the nation.
The report also highlighted the escalating frequency and sophistication of cybersecurity incidents, which pose increasing risks to essential technology systems and national security.
Federal agencies reported more than 30,000 information security incidents to the Department of Homeland Security's United States Computer Emergency Readiness Team in fiscal year 2022.
The report warns that such attacks could result in significant harm to human safety, national security, the environment and the economy.
The GAO identified major challenges, including the need for a robust national cybersecurity strategy, securing federal systems, protecting critical infrastructure and safeguarding privacy and sensitive data.
To counter these risks, the GAO recommends ten critical actions, such as developing a comprehensive federal strategy, mitigating global supply chain risks, addressing cybersecurity workforce challenges and enhancing the security of emerging technologies.
The report warned until these recommendations are fully implemented, federal agencies will struggle to provide effective oversight, ensure the security of critical infrastructure and protect sensitive data.
Malachi Walker, security advisor at DomainTools, said to combat the increasing risks to the nation's technology and address the unimplemented GAO recommendations, the most critical actions that should be prioritized are the ones that will proactively reduce vulnerabilities.
He noted effective oversight over government-wide cybersecurity initiatives is difficult due to a large and growing attack service and a limitation of government employees who specialize in cybersecurity.
According to a recent cybersecurity workforce study by the International Information System Security Certification Consortium, there is a total workforce shortage of four million cybersecurity professionals.
He added these challenges can be mitigated by allocating a budget with each new initiative to help support the facilitation of talent or the agency's ability to bring in a company that will support the agency's efforts in meeting these initiatives.
Daniel Wilbricht, president at Optiv and ClearShark explained to improve the federal response to cyber incidents, several measures can be implemented.
Developing and implementing standardized incident response protocols and procedures to ensure a consistent and effective approach and fostering improved information sharing between federal agencies, private sector partners and international allies are additional critical measures.
From the perspective of Ken Dunham, cyber threat director at Qualys Threat Research Unit, strategy and plans with achievable accountability and timelines, coupled with a security roadmap for maturing hygiene over time, are required for an effective federal response to cyber threats.


This Cyber News was published on securityboulevard.com. Publication date: Wed, 26 Jun 2024 19:13:05 +0000


Cyber News related to GAO Urges Action to Address Critical Cybersecurity Challenges Facing U.S.

GAO Urges Action to Address Critical Cybersecurity Challenges Facing U.S. - A report from the Government Accountability Office highlighted an urgent need to address critical cybersecurity challenges facing the nation. The report also highlighted the escalating frequency and sophistication of cybersecurity incidents, which ...
4 months ago Securityboulevard.com
US Agencies Failing to Oversee Ransomware Protections - The White House's goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies' lack of oversight of ransomware protections, according to a new Government Accountability Office report. The GAO noted ...
9 months ago Infosecurity-magazine.com
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
Digital Learning Tools for Cybersecurity Education - In the field of cybersecurity education, digital learning tools have become indispensable. This article explores various digital learning tools tailored specifically to cybersecurity education. These digital learning tools play a crucial role in ...
10 months ago Securityzap.com
GAO: Federal Agencies Yet to Fully Implement Incident Response Capabilities - US federal agencies have made progress in implementing mature incident response plans, but many are still steps away from fully achieving this goal, a new report from the Government Accountability Office shows. According to GAO's report, out of 23 ...
11 months ago Securityweek.com
Fortinet Contributes to World Economic Forum's Strategic Cybersecurity Talent Framework - Shining a light on the cybersecurity workforce challenge, the World Economic Forum recently published its Strategic Cybersecurity Talent Framework, which is intended to serve as a reference for public and private decision-makers concerned by the ...
5 months ago Feeds.fortinet.com
US Federal Agencies Miss Deadline for Incident Response Requirements - Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability ...
11 months ago Infosecurity-magazine.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
10 months ago Securityzap.com
How to become a cybersecurity architect - Cybersecurity architects implement and maintain a comprehensive cybersecurity framework to protect their company's digital assets. The cybersecurity architect position is a fundamental role that all organizations need, said Lester Nichols, director ...
4 months ago Techtarget.com
Cybersecurity Training for Business Leaders - This article explores the significance of cybersecurity training for business leaders and its crucial role in establishing a secure and resilient business environment. By examining the key components of effective training programs and the ...
9 months ago Securityzap.com
Gamification in Cybersecurity Education - Gamification has become increasingly prevalent in numerous domains, including cybersecurity education. Gamification presents a promising approach to meet this challenge, making cybersecurity education both effective and enjoyable. One way to ...
10 months ago Securityzap.com
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
7 months ago Securityweek.com
The Importance of Cybersecurity Education in Schools - Cybersecurity education equips students with the knowledge and skills needed to protect themselves and others from cyber threats. Cybersecurity education can teach students about the impact of cyberbullying, how to prevent it, and how to respond ...
10 months ago Securityzap.com
Growing threats outpace cybersecurity workforce - The cybersecurity skills shortage threatens the well-being and even survival of numerous businesses as cybersecurity threats grow more numerous, sophisticated, and dangerous to the point that cybersecurity groups have vowed not to pay ransom demands. ...
9 months ago Legal.thomsonreuters.com
Developing Cybersecurity Awareness Programs for Schools - Schools are increasingly becoming targets for cyberattacks, necessitating the development of robust cybersecurity awareness programs. Ultimately, a comprehensive cybersecurity awareness program is essential for schools to mitigate risks, enhance ...
10 months ago Securityzap.com
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents - The U.S. Securities and Exchange Commission recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. "Currently, many public companies provide cybersecurity disclosure ...
11 months ago Feeds.dzone.com
Cybersecurity Training for Small Businesses - The importance of cybersecurity training for small businesses cannot be overstated in today's increasingly digital world. In conclusion, cybersecurity training is essential for small businesses to protect themselves against cyber threats. There are ...
8 months ago Securityzap.com
How to Avoid Falling Below the Cybersecurity Poverty Line - The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy ...
1 year ago Csoonline.com
Cybersecurity Curriculum Development Tips - In this article, we will explore essential tips for developing a comprehensive and up-to-date cybersecurity curriculum. By staying abreast of the latest industry trends, educational program developers can ensure that their curriculum remains relevant ...
10 months ago Securityzap.com
Cybersecurity Curriculum Development Tips for Schools - With the constant threat of cyber attacks, schools must prioritize the development of a robust cybersecurity curriculum to equip students with the necessary skills and knowledge. This article provides valuable insights and tips for schools aiming to ...
10 months ago Securityzap.com
What the cybersecurity workforce can expect in 2024 - For cybersecurity professionals, 2023 was a mixed bag of opportunities and concerns. The good news is that the number of people in cybersecurity jobs has reached its highest number ever: 5.5 million, according to the 2023 ISC2 Global Workforce Study. ...
10 months ago Securityintelligence.com
NASA Must Improve Spacecraft Cybersecurity, GAO Report Finds - NASA's cybersecurity framework for spacecraft development is inconsistent and must be improved, according to a 34-page review by the U.S. Government Accountability Office. The GAO report highlighted the need for mandatory cybersecurity updates ...
5 months ago Securityboulevard.com
Cybersecurity Workshops for Students - Cybersecurity workshops for students serve as an effective means to educate and empower the younger generation in protecting their digital assets. With proper planning and organization, cybersecurity workshops enable students to navigate the digital ...
10 months ago Securityzap.com
Cyber Employment 2024: Sky-High Expectations Fail Businesses & Job Seekers - Well-publicized estimates of a massive shortfall in cybersecurity workers have resulted in high expectations among job seekers in the field, but the reality often falls flat, because of a mismatch between companies' requirements and job seekers' ...
10 months ago Darkreading.com
Cybersecurity for Art and Design Schools - In the digital age, art and design schools face unique cybersecurity challenges. This article aims to shed light on the importance of cybersecurity in art and design schools and provide insights into safeguarding digital portfolios and ensuring ...
10 months ago Securityzap.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)