US Federal Agencies Miss Deadline for Incident Response Requirements

Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability Office.
In a new report, published on December 4, 2023, the GAO found that 20 US federal agencies have not yet reached the advanced level - tier three - for cyber event logging.
Those include the Departments of Commerce, State and Justice.
According to 2021 Executive Order 14028, Cybersecurity Incident Response Requirements and Status of Completion, the US Office of Management and Budget required all US federal agencies to work toward reaching event logging tier three by August 2023.
This tier three level means that logging requirements at all criticality levels are met.
As of August 2023, only three of the 23 agencies were at tier three - three other agencies had reached the tier one level and 17 had not gone past the tier zero level.
The GAO investigated the reasons behind these shortcomings by interviewing the security decision-makers within all 23 US federal agencies.
The GAO said federal entities have started several initiatives to address these challenges.
The GAO noted that all 23 agencies have incorporated or are incorporating the CISA playbook, issued in November 2021, into their plans.
They have also substantially completed the preparation phase activities and have begun to deploy an endpoint detection and response solution.
Finally, the GAO made a list of 20 recommendations to the heads of federal agencies to help further the progress and resolve some of the bottlenecks and challenges the agencies face in meeting cyber requirements.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 05 Dec 2023 16:00:17 +0000


Cyber News related to US Federal Agencies Miss Deadline for Incident Response Requirements

Incident Response Plan: How to Build, Examples, Template - A strong incident response plan - guidance that dictates what to do in the event of a security incident - is vital to ensure organizations can recover from an attack or other cybersecurity event and minimize potential disruption to company ...
8 months ago Techtarget.com
What is digital forensics and incident response? - Digital forensics and incident response is a combined set of cybersecurity operations that incident response teams use to detect, investigate and respond to cybersecurity events. As the acronym implies, DFIR integrates digital forensics and incident ...
8 months ago Techtarget.com
How to Conduct Incident Response Tabletop Exercises - An incident response tabletop exercise is an activity that involves testing the processes outlined in an incident response plan. Attack simulations are run to ensure incident response team members know their roles and responsibilities - and whether ...
8 months ago Techtarget.com
New Microsoft Incident Response team guide shares best practices for security teams and leaders - The incident response process can be a maze that security professionals must quickly learn to navigate-which is no easy task. Surprisingly, many organizations still lack a coordinated incident response plan, and even fewer consistently apply it. ...
9 months ago Microsoft.com
US Federal Agencies Miss Deadline for Incident Response Requirements - Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability ...
10 months ago Infosecurity-magazine.com
4 key steps to building an incident response plan - In this Help Net Security interview, Mike Toole, head of security and IT at Blumira, discusses the components of an effective security incident response strategy and how they work together to ensure organizations can address cybersecurity issues. An ...
3 months ago Helpnetsecurity.com
How to build a cyber incident response team - As an incident response manager himself, Valentin regularly coordinates security responses for companies of all shapes and sizes - including many of the examples discussed in this post. He explains everything you need to know about building and ...
10 months ago Heimdalsecurity.com
BT Misses Deadline For Huawei Equipment Removal - Carrier fails to completely meet UK government's year-end deadline, for removal of Huawei equipment from core network. The UK government's year-end deadline for BT to remove Huawei telecoms equipment from its core network has been missed. The ...
9 months ago Silicon.co.uk
GAO: Federal Agencies Yet to Fully Implement Incident Response Capabilities - US federal agencies have made progress in implementing mature incident response plans, but many are still steps away from fully achieving this goal, a new report from the Government Accountability Office shows. According to GAO's report, out of 23 ...
10 months ago Securityweek.com
How to create an incident response playbook - Creating and maintaining an incident response playbook can significantly improve the speed and effectiveness of your organization's incident response. To help, here's a crash course on what incident response playbooks are, why they are important, how ...
9 months ago Techtarget.com
A Heimdal MXDR Expert on Incident Response Best Practices and Myth Busting - I got to talk to Dragoș Roșioru, a seasoned MXDR expert, about incident response best practices and challenges. Get an in-depth understanding of the do's and don'ts in incident response as Dragoș explains how to avoid the most common mistakes ...
9 months ago Heimdalsecurity.com
Accelerating Safe and Secure AI Adoption with ATO for AI: stackArmor Comments on OMB AI Memo - We appreciate the opportunity to comment on the proposed Memo on Agency Use of Artificial Intelligence. Ensuring agencies have access to adequate IT infrastructure,. We base our remarks on our experience helping US Federal agencies transform their ...
9 months ago Securityboulevard.com
Majority of Gao's Cybersecurity Recommendations Not Implemented by Federal Agencies - The Government Accountability Office has recently reported that federal agencies have been slow to implement a majority of the recommendations it made for improving the cybersecurity of federal agencies. Despite the implementation progress at some ...
1 year ago Securityweek.com
BT Risks Fine As Huawei Removal Deadline Nears - UK carrier BT is at risk of a fine as it nears 31 December deadline to replace Huawei equipment from its core network. BT Group is at risk of financial penalties from the UK government, as it looks set to miss the 31 December to replace equipment ...
9 months ago Silicon.co.uk
Continuity in Chaos: Applying Time-Tested Incident Response to Modern Cybersecurity - Incident response is foundational to every security program, yet many companies still struggle with adoption and testing. He enumerated the top challenges of incident response at the time which were 1) Increasing complexity and sophistication of ...
9 months ago Securityweek.com
How Cloud Solutions Can Lead to Stronger, More Secure IT Operations - Cloud services, which offer tools such as networks, servers, and data storage, can help federal agencies deliver better IT services while minimizing costs. Without adequate security measures, these services can expose agencies to cyberattacks. The ...
6 months ago Cyberdefensemagazine.com
CISA, FBI and EPA Release Incident Response Guide for Water and Wastewater Systems Sector - With WWS Sector contributions, guide provides recommended actions and available resources throughout cyber incident response lifecycle. WASHINGTON - The Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and ...
8 months ago Cisa.gov
Important details about CIRCIA ransomware reporting - This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency to develop and implement regulations requiring covered entities to report covered cyber incidents and ransomware payments. Ransomware attacks have become ...
4 months ago Securityintelligence.com
The Importance of Incident Response for SaaS - The importance of a thorough incident response strategy cannot be understated as organizations prepare to identify, investigate, and resolve threats as effectively as possible. Most security veterans are already well aware of this fact, and their ...
10 months ago Securityboulevard.com
How Government Agencies Can Leverage Grants to Shore Up Cybersecurity - COMMENTARY. Since the pandemic forced unprecedented adoption of remote access and delivery of government services, telehealth, and education, cybersecurity has rapidly shot to the top of priority lists for IT leaders. What was once a shiny object ...
5 months ago Darkreading.com
Security Alert! CISA Reports Refund Scam Targeting Federal Agencies Through Remote Management Software - The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert to federal agencies about a refund scam targeting them through remote management software. According to the alert, hackers have been using the remote software to ...
1 year ago Therecord.media
Best Strategies for Avoiding Security Breaches in the U.S. Federal Agencies - U.S. federal agencies are an appealing target for malicious actors and hackers, so it is important for them to be equipped with the best tactics to prevent security breaches and data losses. In this article, we will cover how hackers use legitimate ...
1 year ago Heimdalsecurity.com
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat - WASHINGTON - Today, the Cybersecurity and Infrastructure Security Agency publicly issued Emergency Directive 24-02 in response to a recent campaign by Russian state-sponsored cyber actor Midnight Blizzard targeting Microsoft corporate email accounts ...
5 months ago Cisa.gov
Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines - Starting Dec. 18, publicly traded companies will need to report material cyber threats to the SEC. Deloitte offers business leaders tips on how to prepare for these new SEC rules. The U.S. Securities and Exchange Commission’s new rules around ...
10 months ago Techrepublic.com
Tech upgrades for first responders are a necessity, not a luxury - Public safety professionals want technology upgrades and adoption of federal standards for first responder IT security, reporting and efficiency, according to Mark43. First responders face growing concerns amidst cybersecurity surge. The ...
9 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)