A report from the Government Accountability Office highlighted an urgent need to address critical cybersecurity challenges facing the nation.
The report also highlighted the escalating frequency and sophistication of cybersecurity incidents, which pose increasing risks to essential technology systems and national security.
Federal agencies reported more than 30,000 information security incidents to the Department of Homeland Security's United States Computer Emergency Readiness Team in fiscal year 2022.
The report warns that such attacks could result in significant harm to human safety, national security, the environment and the economy.
The GAO identified major challenges, including the need for a robust national cybersecurity strategy, securing federal systems, protecting critical infrastructure and safeguarding privacy and sensitive data.
To counter these risks, the GAO recommends ten critical actions, such as developing a comprehensive federal strategy, mitigating global supply chain risks, addressing cybersecurity workforce challenges and enhancing the security of emerging technologies.
The report warned until these recommendations are fully implemented, federal agencies will struggle to provide effective oversight, ensure the security of critical infrastructure and protect sensitive data.
Malachi Walker, security advisor at DomainTools, said to combat the increasing risks to the nation's technology and address the unimplemented GAO recommendations, the most critical actions that should be prioritized are the ones that will proactively reduce vulnerabilities.
He noted effective oversight over government-wide cybersecurity initiatives is difficult due to a large and growing attack service and a limitation of government employees who specialize in cybersecurity.
According to a recent cybersecurity workforce study by the International Information System Security Certification Consortium, there is a total workforce shortage of four million cybersecurity professionals.
He added these challenges can be mitigated by allocating a budget with each new initiative to help support the facilitation of talent or the agency's ability to bring in a company that will support the agency's efforts in meeting these initiatives.
Daniel Wilbricht, president at Optiv and ClearShark explained to improve the federal response to cyber incidents, several measures can be implemented.
Developing and implementing standardized incident response protocols and procedures to ensure a consistent and effective approach and fostering improved information sharing between federal agencies, private sector partners and international allies are additional critical measures.
From the perspective of Ken Dunham, cyber threat director at Qualys Threat Research Unit, strategy and plans with achievable accountability and timelines, coupled with a security roadmap for maturing hygiene over time, are required for an effective federal response to cyber threats.
This Cyber News was published on securityboulevard.com. Publication date: Wed, 26 Jun 2024 19:13:05 +0000