Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required by law, according to the US Government Accountability Office.
In a new report, published on December 4, 2023, the GAO found that 20 US federal agencies have not yet reached the advanced level - tier three - for cyber event logging.
Those include the Departments of Commerce, State and Justice.
According to 2021 Executive Order 14028, Cybersecurity Incident Response Requirements and Status of Completion, the US Office of Management and Budget required all US federal agencies to work toward reaching event logging tier three by August 2023.
This tier three level means that logging requirements at all criticality levels are met.
As of August 2023, only three of the 23 agencies were at tier three - three other agencies had reached the tier one level and 17 had not gone past the tier zero level.
The GAO investigated the reasons behind these shortcomings by interviewing the security decision-makers within all 23 US federal agencies.
The GAO said federal entities have started several initiatives to address these challenges.
The GAO noted that all 23 agencies have incorporated or are incorporating the CISA playbook, issued in November 2021, into their plans.
They have also substantially completed the preparation phase activities and have begun to deploy an endpoint detection and response solution.
Finally, the GAO made a list of 20 recommendations to the heads of federal agencies to help further the progress and resolve some of the bottlenecks and challenges the agencies face in meeting cyber requirements.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 05 Dec 2023 16:00:17 +0000