The Government Accountability Office (GAO) is reemphasizing the federal government needs to proceed with greater urgency to bolster cybersecurity initiatives across the board amid rapidly evolving threats.
Per the GAO, the government needs to take 10 actions to address four major challenges identified four years ago, including securing federal systems and protecting critical infrastructure.
While the government has made some improvements, the GAO acknowledged weaknesses remain, citing the December 2020 cyberattack on agencies, infrastructure, and the private sector. Critical risks remain on supply chains, workforce management, and emerging technologies.
The GAO said federal agencies continue to have varied cybersecurity weaknesses due to ineffective information security programs. Cyber incidents are increasingly posing a threat to government and private sector entities.
GAO has made nearly 80 recommendations to enhance infrastructure cybersecurity since 2010, per the agency, but noted most of the recommendations have not been implemented.
The GAO maintains risks of unprotected infrastructures being harmed are heightened, and the federal government and private sector have struggled to protect privacy and sensitive data.
Meanwhile, the GAO added technological advances have made it easy to correlate information about individuals, and internet connectivity has facilitated sophisticated tracking of individuals and activities.
Since 2010, GAO has made about 3,300 recommendations to agencies aimed at remedying cybersecurity shortcomings, and as of December 2020, per the GAO, more than 750 of the recommendations are not yet implemented.